Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2024-45801
Vulnerability from cvelistv5
Published
2024-09-16 18:25
Modified
2024-09-16 20:04
Severity ?
EPSS score ?
Summary
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the depth check. This renders dompurify unable to avoid cross site scripting (XSS) attacks. This issue has been addressed in versions 2.5.4 and 3.1.3 of DOMPurify. All users are advised to upgrade. There are no known workarounds for this vulnerability.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-45801",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-16T20:04:30.471934Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T20:04:47.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DOMPurify",
"vendor": "cure53",
"versions": [
{
"status": "affected",
"version": "\u003c 2.5.4"
},
{
"status": "affected",
"version": "\u003e=3.0.0, \u003c 3.1.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the depth check. This renders dompurify unable to avoid cross site scripting (XSS) attacks. This issue has been addressed in versions 2.5.4 and 3.1.3 of DOMPurify. All users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1333",
"description": "CWE-1333: Inefficient Regular Expression Complexity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-16T18:25:28.065Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
},
{
"name": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"name": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
}
],
"source": {
"advisory": "GHSA-mmhx-hmjr-r674",
"discovery": "UNKNOWN"
},
"title": "Tampering by prototype polution in DOMPurify"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-45801",
"datePublished": "2024-09-16T18:25:28.065Z",
"dateReserved": "2024-09-09T14:23:07.503Z",
"dateUpdated": "2024-09-16T20:04:47.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-45801\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-09-16T19:16:11.080\",\"lastModified\":\"2024-09-20T12:31:20.110\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the depth check. This renders dompurify unable to avoid cross site scripting (XSS) attacks. This issue has been addressed in versions 2.5.4 and 3.1.3 of DOMPurify. All users are advised to upgrade. There are no known workarounds for this vulnerability.\"},{\"lang\":\"es\",\"value\":\"DOMPurify es un desinfectante XSS ultrarr\u00e1pido, ultratolerante y exclusivo de DOM para HTML, MathML y SVG. Se ha descubierto que el HTML malicioso que utiliza t\u00e9cnicas de anidaci\u00f3n especiales puede eludir la comprobaci\u00f3n de profundidad agregada a DOMPurify en versiones recientes. Tambi\u00e9n fue posible utilizar Prototype Pollution para debilitar la comprobaci\u00f3n de profundidad. Esto hace que dompurify no pueda evitar los ataques de cross site scripting (XSS). Este problema se ha solucionado en las versiones 2.5.4 y 3.1.3 de DOMPurify. Se recomienda a todos los usuarios que actualicen. No existen workarounds para esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":3.4}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1333\"}]}],\"references\":[{\"url\":\"https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674\",\"source\":\"security-advisories@github.com\"}]}}"
}
}
ncsc-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "general",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "general",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "general",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "general",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Observable Discrepancy",
"title": "CWE-203"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CWE-275",
"title": "CWE-275"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Exposure of Resource to Wrong Sphere",
"title": "CWE-668"
},
{
"category": "general",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
},
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CWE-18",
"title": "CWE-18"
},
{
"category": "general",
"text": "Covert Timing Channel",
"title": "CWE-385"
},
{
"category": "general",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "general",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Improperly Controlled Sequential Memory Allocation",
"title": "CWE-1325"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "general",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "general",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Database producten",
"tracking": {
"current_release_date": "2024-10-17T13:15:19.595269Z",
"id": "NCSC-2024-0411",
"initial_release_date": "2024-10-17T13:15:19.595269Z",
"revision_history": [
{
"date": "2024-10-17T13:15:19.595269Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "database_-_grid",
"product": {
"name": "database_-_grid",
"product_id": "CSAFPID-1673504",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_grid",
"product": {
"name": "database_-_grid",
"product_id": "CSAFPID-1673506",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_core",
"product": {
"name": "database_-_core",
"product_id": "CSAFPID-1673386",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_core",
"product": {
"name": "database_-_core",
"product_id": "CSAFPID-1673385",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_core",
"product": {
"name": "database_-_core",
"product_id": "CSAFPID-1673442",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_security",
"product": {
"name": "database_-_security",
"product_id": "CSAFPID-1673507",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_security",
"product": {
"name": "database_-_security",
"product_id": "CSAFPID-1673509",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_security",
"product": {
"name": "database_-_security",
"product_id": "CSAFPID-1673508",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph_mapviewer",
"product": {
"name": "spatial_and_graph_mapviewer",
"product_id": "CSAFPID-912561",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-764250",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-1673511",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-1673512",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-816800",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-1673529",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fleet_patching_and_provisioning_-_micronaut",
"product": {
"name": "fleet_patching_and_provisioning_-_micronaut",
"product_id": "CSAFPID-1673492",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fleet_patching_and_provisioning",
"product": {
"name": "fleet_patching_and_provisioning",
"product_id": "CSAFPID-1503603",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_xml_database",
"product": {
"name": "database_-_xml_database",
"product_id": "CSAFPID-1673445",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_xml_database",
"product": {
"name": "database_-_xml_database",
"product_id": "CSAFPID-1673443",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_xml_database",
"product": {
"name": "database_-_xml_database",
"product_id": "CSAFPID-1673444",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_java_vm",
"product": {
"name": "database_-_java_vm",
"product_id": "CSAFPID-1673451",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_java_vm",
"product": {
"name": "database_-_java_vm",
"product_id": "CSAFPID-1673450",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_java_vm",
"product": {
"name": "database_-_java_vm",
"product_id": "CSAFPID-1673452",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-816798",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-816799",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-1673525",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912046",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-1503299",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816855",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816361",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912045",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-1503302",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912044",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-1503306",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816852",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912600",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816853",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912601",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816854",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sqlcl",
"product": {
"name": "sqlcl",
"product_id": "CSAFPID-816801",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sqlcl",
"product": {
"name": "sqlcl",
"product_id": "CSAFPID-1673405",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express_administration",
"product": {
"name": "application_express_administration",
"product_id": "CSAFPID-764731",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express_customers_plugin",
"product": {
"name": "application_express_customers_plugin",
"product_id": "CSAFPID-764732",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express_team_calendar_plugin",
"product": {
"name": "application_express_team_calendar_plugin",
"product_id": "CSAFPID-764733",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-266119",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1673510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1503575",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1673188",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-765238",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-765239",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "blockchain_platform",
"product": {
"name": "blockchain_platform",
"product_id": "CSAFPID-764779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "blockchain_platform",
"product": {
"name": "blockchain_platform",
"product_id": "CSAFPID-89587",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-765259",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-187448",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-94075",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-220886",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-611394",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-816317",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-912567",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-1503612",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-1673479",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_essbase",
"product": {
"name": "oracle_essbase",
"product_id": "CSAFPID-1650506",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-816845",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1650825",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1673404",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1650831",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data",
"product": {
"name": "goldengate_big_data",
"product_id": "CSAFPID-764274",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-764752",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-1673384",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-220192",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-220193",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_studio",
"product": {
"name": "goldengate_studio",
"product_id": "CSAFPID-816846",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_studio",
"product": {
"name": "goldengate_studio",
"product_id": "CSAFPID-611390",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_studio",
"product": {
"name": "goldengate_studio",
"product_id": "CSAFPID-764803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_veridata",
"product": {
"name": "goldengate_veridata",
"product_id": "CSAFPID-764275",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-342816",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-485902",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503736",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-219912",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503739",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503738",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_goldengate_stream_analytics",
"product": {
"name": "oracle_goldengate_stream_analytics",
"product_id": "CSAFPID-1650515",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "management_pack_for__goldengate",
"product": {
"name": "management_pack_for__goldengate",
"product_id": "CSAFPID-764861",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "management_pack_for__goldengate",
"product": {
"name": "management_pack_for__goldengate",
"product_id": "CSAFPID-1503640",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_goldengate_studio",
"product": {
"name": "oracle_goldengate_studio",
"product_id": "CSAFPID-1650835",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_goldengate",
"product": {
"name": "oracle_goldengate",
"product_id": "CSAFPID-1650575",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764813",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1503661",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1503663",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673497",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673491",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764766",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673495",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673493",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673489",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673488",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650757",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650758",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650761",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650760",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650759",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_nosql_database",
"product": {
"name": "oracle_nosql_database",
"product_id": "CSAFPID-1650584",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_secure_backup",
"product": {
"name": "oracle_secure_backup",
"product_id": "CSAFPID-1650563",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-667692",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-345049",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-611417",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-1673422",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_sql_developer",
"product": {
"name": "oracle_sql_developer",
"product_id": "CSAFPID-1650638",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-764822",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-220643",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-816870",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-816871",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-1673397",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "oracle_application_express",
"product": {
"name": "oracle_application_express",
"product_id": "CSAFPID-1673144",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle_corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-220886",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764822",
"CSAFPID-1650515",
"CSAFPID-1650638",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-89587",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-1471",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json"
}
],
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"notes": [
{
"category": "other",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "other",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-342816",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-764861",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-219912",
"CSAFPID-765238",
"CSAFPID-765239",
"CSAFPID-765259",
"CSAFPID-667692",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-34169",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-342816",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-764861",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-219912",
"CSAFPID-765238",
"CSAFPID-765239",
"CSAFPID-765259",
"CSAFPID-667692",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-220886",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764861",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-219912",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-667692",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-1503575",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36033",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-220886",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764861",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-219912",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-667692",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-1503575",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2022-37454",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-1650563",
"CSAFPID-89587",
"CSAFPID-764861"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-37454",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-1650563",
"CSAFPID-89587",
"CSAFPID-764861"
]
}
],
"title": "CVE-2022-37454"
},
{
"cve": "CVE-2022-38136",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-38136",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json"
}
],
"title": "CVE-2022-38136"
},
{
"cve": "CVE-2022-40196",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-40196",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json"
}
],
"title": "CVE-2022-40196"
},
{
"cve": "CVE-2022-41342",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-41342",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json"
}
],
"title": "CVE-2022-41342"
},
{
"cve": "CVE-2022-42919",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-42919",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json"
}
],
"title": "CVE-2022-42919"
},
{
"cve": "CVE-2022-45061",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-45061",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-89587"
]
}
],
"title": "CVE-2022-45061"
},
{
"cve": "CVE-2022-46337",
"product_status": {
"known_affected": [
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-46337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692"
]
}
],
"title": "CVE-2022-46337"
},
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650584",
"CSAFPID-1650835",
"CSAFPID-1650506",
"CSAFPID-1650515",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-89587",
"CSAFPID-1673397",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-345049",
"CSAFPID-816801",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764250",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-2976",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650584",
"CSAFPID-1650835",
"CSAFPID-1650506",
"CSAFPID-1650515",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-89587",
"CSAFPID-1673397",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-345049",
"CSAFPID-816801",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764250",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-4043",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673405",
"CSAFPID-1673397",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4043",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673405",
"CSAFPID-1673397",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-4043"
},
{
"cve": "CVE-2023-4759",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673397",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4759",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673397",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-4759"
},
{
"cve": "CVE-2023-4863",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-342816",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4863",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json"
}
],
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-5072",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650575",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5072",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650575",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-26031",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26031",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-26031"
},
{
"cve": "CVE-2023-26551",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26551",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26551"
},
{
"cve": "CVE-2023-26552",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26552",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26552"
},
{
"cve": "CVE-2023-26553",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26553",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26553"
},
{
"cve": "CVE-2023-26554",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26554"
},
{
"cve": "CVE-2023-26555",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26555",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26555"
},
{
"cve": "CVE-2023-28484",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-816317",
"CSAFPID-764813",
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-28484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-816317",
"CSAFPID-764813",
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
}
],
"title": "CVE-2023-28484"
},
{
"cve": "CVE-2023-29469",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"product_status": {
"known_affected": [
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-816317",
"CSAFPID-89587",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764250",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-29469",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-816317",
"CSAFPID-89587",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764250",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
}
],
"title": "CVE-2023-29469"
},
{
"cve": "CVE-2023-33201",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-1650584",
"CSAFPID-1673397",
"CSAFPID-912561",
"CSAFPID-345049",
"CSAFPID-611390",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-33201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-1650584",
"CSAFPID-1673397",
"CSAFPID-912561",
"CSAFPID-345049",
"CSAFPID-611390",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-37920",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-37920",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612"
]
}
],
"title": "CVE-2023-37920"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673404",
"CSAFPID-1673384",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-39410",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673404",
"CSAFPID-1673384",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
}
],
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503603",
"CSAFPID-1503575",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503603",
"CSAFPID-1503575",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-44981",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650515",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44981",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650515",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601"
]
}
],
"title": "CVE-2023-44981"
},
{
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-45288",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650765",
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650767",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650765",
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650767",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-49083",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-49083",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "other",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51384",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51385",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2023-52425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52425",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52426",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2024-1874",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-1874",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-1874"
},
{
"cve": "CVE-2024-2408",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Discrepancy",
"title": "CWE-203"
},
{
"category": "other",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "other",
"text": "Covert Timing Channel",
"title": "CWE-385"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2408",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-2408"
},
{
"cve": "CVE-2024-2511",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improperly Controlled Sequential Memory Allocation",
"title": "CWE-1325"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2511",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-4577",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4577",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-4577"
},
{
"cve": "CVE-2024-4603",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4603",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-4741",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4741",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-5458",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5458",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-5458"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-5585",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5585",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-5585"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6119",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-6232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json"
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673529",
"CSAFPID-1673479",
"CSAFPID-1673511",
"CSAFPID-1673512"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7264",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673529",
"CSAFPID-1673479",
"CSAFPID-1673511",
"CSAFPID-1673512"
]
}
],
"title": "CVE-2024-7264"
},
{
"cve": "CVE-2024-7592",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-7592",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json"
}
],
"title": "CVE-2024-7592"
},
{
"cve": "CVE-2024-21131",
"product_status": {
"known_affected": [
"CSAFPID-1503299",
"CSAFPID-1503306",
"CSAFPID-1503302",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21131",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json"
}
],
"title": "CVE-2024-21131"
},
{
"cve": "CVE-2024-21138",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21138",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json"
}
],
"title": "CVE-2024-21138"
},
{
"cve": "CVE-2024-21140",
"product_status": {
"known_affected": [
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503299",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21140",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json"
}
],
"title": "CVE-2024-21140"
},
{
"cve": "CVE-2024-21144",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21144",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json"
}
],
"title": "CVE-2024-21144"
},
{
"cve": "CVE-2024-21145",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503299",
"CSAFPID-1503306",
"CSAFPID-1503302",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21145",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json"
}
],
"title": "CVE-2024-21145"
},
{
"cve": "CVE-2024-21147",
"product_status": {
"known_affected": [
"CSAFPID-1503306",
"CSAFPID-1503302",
"CSAFPID-1503299",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21147",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json"
}
],
"title": "CVE-2024-21147"
},
{
"cve": "CVE-2024-21233",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21233",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-21233"
},
{
"cve": "CVE-2024-21242",
"product_status": {
"known_affected": [
"CSAFPID-1673443",
"CSAFPID-1673444",
"CSAFPID-1673445"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21242",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673443",
"CSAFPID-1673444",
"CSAFPID-1673445"
]
}
],
"title": "CVE-2024-21242"
},
{
"cve": "CVE-2024-21251",
"product_status": {
"known_affected": [
"CSAFPID-1673450",
"CSAFPID-1673451",
"CSAFPID-1673452"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21251",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673450",
"CSAFPID-1673451",
"CSAFPID-1673452"
]
}
],
"title": "CVE-2024-21251"
},
{
"cve": "CVE-2024-21261",
"product_status": {
"known_affected": [
"CSAFPID-1673144",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21261",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673144",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-21261"
},
{
"cve": "CVE-2024-22018",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22018",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-22018"
},
{
"cve": "CVE-2024-22020",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22020",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-22020"
},
{
"cve": "CVE-2024-22201",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673384",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673384",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-22201"
},
{
"cve": "CVE-2024-23807",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650831",
"CSAFPID-1650825",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23807",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650831",
"CSAFPID-1650825",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-23807"
},
{
"cve": "CVE-2024-23944",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23944",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-23944"
},
{
"cve": "CVE-2024-24989",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24989",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json"
}
],
"title": "CVE-2024-24989"
},
{
"cve": "CVE-2024-24990",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24990",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-24990"
},
{
"cve": "CVE-2024-25710",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-342816",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-912046",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25710",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-342816",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-912046",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-26130",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26130",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-26308",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26308",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-27983",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27983",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-27983"
},
{
"cve": "CVE-2024-28182",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673442",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673442",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28849",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-28887",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28887",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-28887"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673488",
"CSAFPID-1673489",
"CSAFPID-1673491",
"CSAFPID-1673492",
"CSAFPID-1673493",
"CSAFPID-1673495",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29025",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673488",
"CSAFPID-1673489",
"CSAFPID-1673491",
"CSAFPID-1673492",
"CSAFPID-1673493",
"CSAFPID-1673495",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29131",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29131",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-29131"
},
{
"cve": "CVE-2024-29133",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29133",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-29133"
},
{
"cve": "CVE-2024-31079",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31079",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-31079"
},
{
"cve": "CVE-2024-32760",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32760",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-32760"
},
{
"cve": "CVE-2024-34161",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34161",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-34161"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673504",
"CSAFPID-1673506"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673504",
"CSAFPID-1673506"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-35200",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35200",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-35200"
},
{
"cve": "CVE-2024-36137",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
},
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36137",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-36137"
},
{
"cve": "CVE-2024-36138",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36138",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json"
}
],
"title": "CVE-2024-36138"
},
{
"cve": "CVE-2024-36387",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36387",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-36387"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37370",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37372",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37372",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-37372"
},
{
"cve": "CVE-2024-38356",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38356",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38356"
},
{
"cve": "CVE-2024-38357",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38357",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38357"
},
{
"cve": "CVE-2024-38472",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38472",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38472"
},
{
"cve": "CVE-2024-38473",
"cwe": {
"id": "CWE-172",
"name": "Encoding Error"
},
"notes": [
{
"category": "other",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38473",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38473"
},
{
"cve": "CVE-2024-38474",
"cwe": {
"id": "CWE-172",
"name": "Encoding Error"
},
"notes": [
{
"category": "other",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38474",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38474"
},
{
"cve": "CVE-2024-38475",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38475",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38475"
},
{
"cve": "CVE-2024-38476",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38476",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38476"
},
{
"cve": "CVE-2024-38477",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38477",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38477"
},
{
"cve": "CVE-2024-38998",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-39573",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39573",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-39573"
},
{
"cve": "CVE-2024-39884",
"cwe": {
"id": "CWE-18",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-18",
"title": "CWE-18"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39884",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-39884"
},
{
"cve": "CVE-2024-40725",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Exposure of Resource to Wrong Sphere",
"title": "CWE-668"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40725",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
}
],
"title": "CVE-2024-40725"
},
{
"cve": "CVE-2024-40898",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40898",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
}
],
"title": "CVE-2024-40898"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45490",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45491",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45801",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-45801"
}
]
}
NCSC-2024-0466
Vulnerability from csaf_ncscnl
Published
2024-12-06 13:05
Modified
2024-12-06 13:05
Summary
Kwetsbaarheden verholpen in Atlassian producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.
Interpretaties
De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.
Voor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.
Oplossingen
Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-755
Improper Handling of Exceptional Conditions
CWE-347
Improper Verification of Cryptographic Signature
CWE-1050
Excessive Platform Resource Consumption within a Loop
CWE-23
Relative Path Traversal
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.\nVoor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Excessive Platform Resource Consumption within a Loop",
"title": "CWE-1050"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - certbundde",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
}
],
"title": "Kwetsbaarheden verholpen in Atlassian producten",
"tracking": {
"current_release_date": "2024-12-06T13:05:55.904619Z",
"id": "NCSC-2024-0466",
"initial_release_date": "2024-12-06T13:05:55.904619Z",
"revision_history": [
{
"date": "2024-12-06T13:05:55.904619Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "atlassian_bamboo__10.0.0",
"product": {
"name": "atlassian_bamboo__10.0.0",
"product_id": "CSAFPID-1645374",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__10.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bamboo__9.2.17",
"product": {
"name": "atlassian_bamboo__9.2.17",
"product_id": "CSAFPID-1621163",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.2.17:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bamboo__9.6.4",
"product": {
"name": "atlassian_bamboo__9.6.4",
"product_id": "CSAFPID-1645371",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.6.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__8.19.9",
"product": {
"name": "atlassian_bitbucket__8.19.9",
"product_id": "CSAFPID-1645370",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.19.9:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__8.9.19",
"product": {
"name": "atlassian_bitbucket__8.9.19",
"product_id": "CSAFPID-1645373",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.9.19:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__9.0.0",
"product": {
"name": "atlassian_bitbucket__9.0.0",
"product_id": "CSAFPID-1645372",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__9.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__7.19.26",
"product": {
"name": "atlassian_confluence__7.19.26",
"product_id": "CSAFPID-1621160",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__7.19.26__lts_",
"product": {
"name": "atlassian_confluence__7.19.26__lts_",
"product_id": "CSAFPID-1621135",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.5.12",
"product": {
"name": "atlassian_confluence__8.5.12",
"product_id": "CSAFPID-1645510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.12:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.5.14__lts_",
"product": {
"name": "atlassian_confluence__8.5.14__lts_",
"product_id": "CSAFPID-1621133",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.14__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.9.4",
"product": {
"name": "atlassian_confluence__8.9.4",
"product_id": "CSAFPID-1645509",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.9.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__9.0.1",
"product": {
"name": "atlassian_confluence__9.0.1",
"product_id": "CSAFPID-1621161",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__9.0.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence_data_center__9.0.1",
"product": {
"name": "atlassian_confluence_data_center__9.0.1",
"product_id": "CSAFPID-1621140",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence_data_center__9.0.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software__9.12.12__lts_",
"product": {
"name": "atlassian_jira_software__9.12.12__lts_",
"product_id": "CSAFPID-1621142",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.12.12__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software__9.4.25__lts_",
"product": {
"name": "atlassian_jira_software__9.4.25__lts_",
"product_id": "CSAFPID-1621143",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.4.25__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_data_center__9.17.1",
"product": {
"name": "atlassian_jira_software_data_center__9.17.1",
"product_id": "CSAFPID-1621141",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_data_center__9.17.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management__5.12.12__lts_",
"product": {
"name": "atlassian_jira_software_service_management__5.12.12__lts_",
"product_id": "CSAFPID-1621138",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.12.12__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management__5.4.25__lts_",
"product": {
"name": "atlassian_jira_software_service_management__5.4.25__lts_",
"product_id": "CSAFPID-1621139",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.4.25__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management_data_center__5.17.1",
"product": {
"name": "atlassian_jira_software_service_management_data_center__5.17.1",
"product_id": "CSAFPID-1621137",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management_data_center__5.17.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bamboo",
"product": {
"name": "bamboo",
"product_id": "CSAFPID-716889",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bitbucket",
"product": {
"name": "bitbucket",
"product_id": "CSAFPID-1725084",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:bitbucket:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "confluence",
"product": {
"name": "confluence",
"product_id": "CSAFPID-551338",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jira_software",
"product": {
"name": "jira_software",
"product_id": "CSAFPID-1725085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:jira_software:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1724900",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1725556",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:macos:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1725557",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree_for_mac",
"product": {
"name": "sourcetree_for_mac",
"product_id": "CSAFPID-1724286",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree_for_mac:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree_for_windows",
"product": {
"name": "sourcetree_for_windows",
"product_id": "CSAFPID-1724287",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree_for_windows:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-38900",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38900.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-551338"
]
}
],
"title": "CVE-2022-38900"
},
{
"cve": "CVE-2023-46234",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46234",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46234.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-551338"
]
}
],
"title": "CVE-2023-46234"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338",
"CSAFPID-1725085",
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-551338",
"CSAFPID-1725085",
"CSAFPID-716889"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"notes": [
{
"category": "other",
"text": "Excessive Platform Resource Consumption within a Loop",
"title": "CWE-1050"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4068",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4068.json"
}
],
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-21697",
"product_status": {
"known_affected": [
"CSAFPID-1724286",
"CSAFPID-1724287",
"CSAFPID-1725556",
"CSAFPID-1725557"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21697",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21697.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-1724286",
"CSAFPID-1724287",
"CSAFPID-1725556",
"CSAFPID-1725557"
]
}
],
"title": "CVE-2024-21697"
},
{
"cve": "CVE-2024-24549",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1725084",
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1725084",
"CSAFPID-551338"
]
}
],
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1621160",
"CSAFPID-1621161",
"CSAFPID-1645509",
"CSAFPID-1645510",
"CSAFPID-551338",
"CSAFPID-1725084"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30172",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1621160",
"CSAFPID-1621161",
"CSAFPID-1645509",
"CSAFPID-1645510",
"CSAFPID-551338",
"CSAFPID-1725084"
]
}
],
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1621133",
"CSAFPID-1621135",
"CSAFPID-1621137",
"CSAFPID-1621138",
"CSAFPID-1621139",
"CSAFPID-1621140",
"CSAFPID-1621141",
"CSAFPID-1621142",
"CSAFPID-1621143",
"CSAFPID-1621163",
"CSAFPID-1645370",
"CSAFPID-1645371",
"CSAFPID-1645372",
"CSAFPID-1645373",
"CSAFPID-1645374"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1621133",
"CSAFPID-1621135",
"CSAFPID-1621137",
"CSAFPID-1621138",
"CSAFPID-1621139",
"CSAFPID-1621140",
"CSAFPID-1621141",
"CSAFPID-1621142",
"CSAFPID-1621143",
"CSAFPID-1621163",
"CSAFPID-1645370",
"CSAFPID-1645371",
"CSAFPID-1645372",
"CSAFPID-1645373",
"CSAFPID-1645374"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-38286",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-38286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38286.json"
}
],
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338",
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-551338",
"CSAFPID-716889"
]
}
],
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1725085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45801",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1725085"
]
}
],
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-716889"
]
}
],
"title": "CVE-2024-47561"
}
]
}
NCSC-2024-0411
Vulnerability from csaf_ncscnl
Published
2024-10-17 13:15
Modified
2024-10-17 13:15
Summary
Kwetsbaarheden verholpen in Oracle Database producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.
Interpretaties
Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorieën schade:
- Denial-of-Service (DoS)
- Manipuleren van data
- Toegang tot gevoelige gegevens
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-208
Observable Timing Discrepancy
CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CWE-755
Improper Handling of Exceptional Conditions
CWE-834
Excessive Iteration
CWE-407
Inefficient Algorithmic Complexity
CWE-178
Improper Handling of Case Sensitivity
CWE-732
Incorrect Permission Assignment for Critical Resource
CWE-415
Double Free
CWE-311
Missing Encryption of Sensitive Data
CWE-427
Uncontrolled Search Path Element
CWE-172
Encoding Error
CWE-680
Integer Overflow to Buffer Overflow
CWE-426
Untrusted Search Path
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-116
Improper Encoding or Escaping of Output
CWE-345
Insufficient Verification of Data Authenticity
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE-203
Observable Discrepancy
CWE-190
Integer Overflow or Wraparound
CWE-552
Files or Directories Accessible to External Parties
CWE-639
Authorization Bypass Through User-Controlled Key
CWE-125
Out-of-bounds Read
CWE-404
Improper Resource Shutdown or Release
CWE-275
CWE-275
CWE-284
Improper Access Control
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-416
Use After Free
CWE-401
Missing Release of Memory after Effective Lifetime
CWE-476
NULL Pointer Dereference
CWE-295
Improper Certificate Validation
CWE-668
Exposure of Resource to Wrong Sphere
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-918
Server-Side Request Forgery (SSRF)
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CWE-787
Out-of-bounds Write
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-122
Heap-based Buffer Overflow
CWE-121
Stack-based Buffer Overflow
CWE-681
Incorrect Conversion between Numeric Types
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-269
Improper Privilege Management
CWE-20
Improper Input Validation
CWE-87
Improper Neutralization of Alternate XSS Syntax
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-18
CWE-18
CWE-385
Covert Timing Channel
CWE-606
Unchecked Input for Loop Condition
CWE-192
Integer Coercion Error
CWE-390
Detection of Error Condition Without Action
CWE-1325
Improperly Controlled Sequential Memory Allocation
CWE-222
Truncation of Security-relevant Information
CWE-131
Incorrect Calculation of Buffer Size
CWE-59
Improper Link Resolution Before File Access ('Link Following')
CWE-304
Missing Critical Step in Authentication
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in diverse Database producten en subsystemen, zoals de Core database, Application Express, Autonomous Health Framework, Essbase, GoldenGate, SQL Developer en Secure Backup.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om aanvallen uit te voeren die kunnen leiden tot de volgende categorie\u00ebn schade:\n\n- Denial-of-Service (DoS)\n- Manipuleren van data\n- Toegang tot gevoelige gegevens",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "general",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
},
{
"category": "general",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "general",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "general",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
},
{
"category": "general",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "general",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "general",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "general",
"text": "Observable Discrepancy",
"title": "CWE-203"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
},
{
"category": "general",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CWE-275",
"title": "CWE-275"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Exposure of Resource to Wrong Sphere",
"title": "CWE-668"
},
{
"category": "general",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
},
{
"category": "general",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "CWE-18",
"title": "CWE-18"
},
{
"category": "general",
"text": "Covert Timing Channel",
"title": "CWE-385"
},
{
"category": "general",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
},
{
"category": "general",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Improperly Controlled Sequential Memory Allocation",
"title": "CWE-1325"
},
{
"category": "general",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
},
{
"category": "general",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
},
{
"category": "general",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "general",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; hkcert; nvd; oracle; redhat",
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Database producten",
"tracking": {
"current_release_date": "2024-10-17T13:15:19.595269Z",
"id": "NCSC-2024-0411",
"initial_release_date": "2024-10-17T13:15:19.595269Z",
"revision_history": [
{
"date": "2024-10-17T13:15:19.595269Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "database_-_grid",
"product": {
"name": "database_-_grid",
"product_id": "CSAFPID-1673504",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_grid:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_grid",
"product": {
"name": "database_-_grid",
"product_id": "CSAFPID-1673506",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_grid:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_core",
"product": {
"name": "database_-_core",
"product_id": "CSAFPID-1673386",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_core:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_core",
"product": {
"name": "database_-_core",
"product_id": "CSAFPID-1673385",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_core:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_core",
"product": {
"name": "database_-_core",
"product_id": "CSAFPID-1673442",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_core:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_security",
"product": {
"name": "database_-_security",
"product_id": "CSAFPID-1673507",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_security:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_security",
"product": {
"name": "database_-_security",
"product_id": "CSAFPID-1673509",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_security:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_security",
"product": {
"name": "database_-_security",
"product_id": "CSAFPID-1673508",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_security:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph_mapviewer",
"product": {
"name": "spatial_and_graph_mapviewer",
"product_id": "CSAFPID-912561",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph_mapviewer:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-764250",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-1673511",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-1673512",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-816800",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "spatial_and_graph",
"product": {
"name": "spatial_and_graph",
"product_id": "CSAFPID-1673529",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:spatial_and_graph:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fleet_patching_and_provisioning_-_micronaut",
"product": {
"name": "fleet_patching_and_provisioning_-_micronaut",
"product_id": "CSAFPID-1673492",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning_-_micronaut:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "fleet_patching_and_provisioning",
"product": {
"name": "fleet_patching_and_provisioning",
"product_id": "CSAFPID-1503603",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:fleet_patching_and_provisioning:23.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_xml_database",
"product": {
"name": "database_-_xml_database",
"product_id": "CSAFPID-1673445",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_xml_database:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_xml_database",
"product": {
"name": "database_-_xml_database",
"product_id": "CSAFPID-1673443",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_xml_database:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_xml_database",
"product": {
"name": "database_-_xml_database",
"product_id": "CSAFPID-1673444",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_xml_database:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_java_vm",
"product": {
"name": "database_-_java_vm",
"product_id": "CSAFPID-1673451",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.24:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_java_vm",
"product": {
"name": "database_-_java_vm",
"product_id": "CSAFPID-1673450",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.15:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "database_-_java_vm",
"product": {
"name": "database_-_java_vm",
"product_id": "CSAFPID-1673452",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-816798",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-816799",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.10:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-1673525",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:prior_to_24.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912046",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.10:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-1503299",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.11:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816855",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:17.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816361",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912045",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-1503302",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:21.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912044",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-1503306",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:22.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816852",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.12:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912600",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition20.3.13:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816853",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.8:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-912601",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition21.3.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "graalvm_for_jdk",
"product": {
"name": "graalvm_for_jdk",
"product_id": "CSAFPID-816854",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graalvm_for_jdk:graalvm_enterprise_edition22.3.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sqlcl",
"product": {
"name": "sqlcl",
"product_id": "CSAFPID-816801",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sqlcl:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sqlcl",
"product": {
"name": "sqlcl",
"product_id": "CSAFPID-1673405",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sqlcl:23.4-23.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express_administration",
"product": {
"name": "application_express_administration",
"product_id": "CSAFPID-764731",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express_administration:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express_customers_plugin",
"product": {
"name": "application_express_customers_plugin",
"product_id": "CSAFPID-764732",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express_customers_plugin:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express_team_calendar_plugin",
"product": {
"name": "application_express_team_calendar_plugin",
"product_id": "CSAFPID-764733",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express_team_calendar_plugin:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-266119",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1673510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:23.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1503575",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:23.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "application_express",
"product": {
"name": "application_express",
"product_id": "CSAFPID-1673188",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:application_express:24.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-765238",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:19c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "autonomous_health_framework",
"product": {
"name": "autonomous_health_framework",
"product_id": "CSAFPID-765239",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:21c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "blockchain_platform",
"product": {
"name": "blockchain_platform",
"product_id": "CSAFPID-764779",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "blockchain_platform",
"product": {
"name": "blockchain_platform",
"product_id": "CSAFPID-89587",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-765259",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:_security_and_provisioning___21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-187448",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-94075",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-220886",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.4.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-611394",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-816317",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.3.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-912567",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.4.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-1503612",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.5.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "essbase",
"product": {
"name": "essbase",
"product_id": "CSAFPID-1673479",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.6:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_essbase",
"product": {
"name": "oracle_essbase",
"product_id": "CSAFPID-1650506",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_essbase:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-816845",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1650825",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1673404",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data_and_application_adapters",
"product": {
"name": "goldengate_big_data_and_application_adapters",
"product_id": "CSAFPID-1650831",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3-21.14.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_big_data",
"product": {
"name": "goldengate_big_data",
"product_id": "CSAFPID-764274",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-764752",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-1673384",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.9:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-220192",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_stream_analytics",
"product": {
"name": "goldengate_stream_analytics",
"product_id": "CSAFPID-220193",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.7:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_studio",
"product": {
"name": "goldengate_studio",
"product_id": "CSAFPID-816846",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.0.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_studio",
"product": {
"name": "goldengate_studio",
"product_id": "CSAFPID-611390",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_studio:12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_studio",
"product": {
"name": "goldengate_studio",
"product_id": "CSAFPID-764803",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_studio:fusion_middleware_12.2.1.4.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate_veridata",
"product": {
"name": "goldengate_veridata",
"product_id": "CSAFPID-764275",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_veridata:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-342816",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-485902",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503736",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.23.0.0.240716:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-219912",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19c:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503739",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1650765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.14:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "goldengate",
"product": {
"name": "goldengate",
"product_id": "CSAFPID-1503738",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_goldengate_stream_analytics",
"product": {
"name": "oracle_goldengate_stream_analytics",
"product_id": "CSAFPID-1650515",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_goldengate_stream_analytics:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "management_pack_for__goldengate",
"product": {
"name": "management_pack_for__goldengate",
"product_id": "CSAFPID-764861",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "management_pack_for__goldengate",
"product": {
"name": "management_pack_for__goldengate",
"product_id": "CSAFPID-1503640",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:management_pack_for__goldengate:12.2.1.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_goldengate_studio",
"product": {
"name": "oracle_goldengate_studio",
"product_id": "CSAFPID-1650835",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_goldengate_studio:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_goldengate",
"product": {
"name": "oracle_goldengate",
"product_id": "CSAFPID-1650575",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_goldengate:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764813",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1503661",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1503663",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.5:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673497",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764764",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:19.5.33:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764765",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:20.3.28:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673491",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:20.3.40:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764766",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:21.2.55:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673495",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:21.2.71:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-764767",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:22.3.26:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673493",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:22.3.45:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673489",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:23.3.33:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1673488",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:24.1.17:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650757",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_19.5.42:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650758",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_20.3.40:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650761",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_21.2.27:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650760",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_22.3.46:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "nosql_database",
"product": {
"name": "nosql_database",
"product_id": "CSAFPID-1650759",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:prior_to_23.3.32:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_nosql_database",
"product": {
"name": "oracle_nosql_database",
"product_id": "CSAFPID-1650584",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_nosql_database:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_secure_backup",
"product": {
"name": "oracle_secure_backup",
"product_id": "CSAFPID-1650563",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_secure_backup:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-667692",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-345049",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-611417",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "secure_backup",
"product": {
"name": "secure_backup",
"product_id": "CSAFPID-1673422",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:19.1.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "oracle_sql_developer",
"product": {
"name": "oracle_sql_developer",
"product_id": "CSAFPID-1650638",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:oracle_sql_developer:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-764822",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-220643",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:21.4.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-816870",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:22.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-816871",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:23.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sql_developer",
"product": {
"name": "sql_developer",
"product_id": "CSAFPID-1673397",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:sql_developer:24.3.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "oracle_application_express",
"product": {
"name": "oracle_application_express",
"product_id": "CSAFPID-1673144",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle_corporation:oracle_application_express:24.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "oracle_corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-1471",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-220886",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764822",
"CSAFPID-1650515",
"CSAFPID-1650638",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-89587",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-1471",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-1471.json"
}
],
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-34169",
"cwe": {
"id": "CWE-192",
"name": "Integer Coercion Error"
},
"notes": [
{
"category": "other",
"text": "Integer Coercion Error",
"title": "CWE-192"
},
{
"category": "other",
"text": "Incorrect Conversion between Numeric Types",
"title": "CWE-681"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-342816",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-764861",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-219912",
"CSAFPID-765238",
"CSAFPID-765239",
"CSAFPID-765259",
"CSAFPID-667692",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-34169",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-34169.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-342816",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-764861",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-219912",
"CSAFPID-765238",
"CSAFPID-765239",
"CSAFPID-765259",
"CSAFPID-667692",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-36033",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Alternate XSS Syntax",
"title": "CWE-87"
},
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-220886",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764861",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-219912",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-667692",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-1503575",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-36033",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-36033.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-220886",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764861",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-266119",
"CSAFPID-187448",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-219912",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-667692",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-1503575",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2022-36033"
},
{
"cve": "CVE-2022-37454",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Integer Overflow to Buffer Overflow",
"title": "CWE-680"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-1650563",
"CSAFPID-89587",
"CSAFPID-764861"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-37454",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-37454.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-1650563",
"CSAFPID-89587",
"CSAFPID-764861"
]
}
],
"title": "CVE-2022-37454"
},
{
"cve": "CVE-2022-38136",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-38136",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38136.json"
}
],
"title": "CVE-2022-38136"
},
{
"cve": "CVE-2022-40196",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-40196",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-40196.json"
}
],
"title": "CVE-2022-40196"
},
{
"cve": "CVE-2022-41342",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-41342",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-41342.json"
}
],
"title": "CVE-2022-41342"
},
{
"cve": "CVE-2022-42919",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "other",
"text": "Missing Encryption of Sensitive Data",
"title": "CWE-311"
},
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-42919",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42919.json"
}
],
"title": "CVE-2022-42919"
},
{
"cve": "CVE-2022-45061",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-45061",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-45061.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-342816",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764779",
"CSAFPID-94075",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-611390",
"CSAFPID-764803",
"CSAFPID-764813",
"CSAFPID-764822",
"CSAFPID-89587"
]
}
],
"title": "CVE-2022-45061"
},
{
"cve": "CVE-2022-46337",
"product_status": {
"known_affected": [
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-46337",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-46337.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-1673384",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-764752",
"CSAFPID-764275",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-912046",
"CSAFPID-912045",
"CSAFPID-912044",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-764250",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692"
]
}
],
"title": "CVE-2022-46337"
},
{
"cve": "CVE-2023-2976",
"cwe": {
"id": "CWE-552",
"name": "Files or Directories Accessible to External Parties"
},
"notes": [
{
"category": "other",
"text": "Files or Directories Accessible to External Parties",
"title": "CWE-552"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650584",
"CSAFPID-1650835",
"CSAFPID-1650506",
"CSAFPID-1650515",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-89587",
"CSAFPID-1673397",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-345049",
"CSAFPID-816801",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764250",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-2976",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-2976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650584",
"CSAFPID-1650835",
"CSAFPID-1650506",
"CSAFPID-1650515",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-342816",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816361",
"CSAFPID-764813",
"CSAFPID-220643",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-89587",
"CSAFPID-1673397",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-345049",
"CSAFPID-816801",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764250",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-2976"
},
{
"cve": "CVE-2023-4043",
"cwe": {
"id": "CWE-834",
"name": "Excessive Iteration"
},
"notes": [
{
"category": "other",
"text": "Excessive Iteration",
"title": "CWE-834"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673405",
"CSAFPID-1673397",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4043",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4043.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673405",
"CSAFPID-1673397",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-4043"
},
{
"cve": "CVE-2023-4759",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"title": "CWE-59"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673397",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4759",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4759.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673397",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-4759"
},
{
"cve": "CVE-2023-4863",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-342816",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-4863",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-4863.json"
}
],
"title": "CVE-2023-4863"
},
{
"cve": "CVE-2023-5072",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650575",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-5072",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-5072.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650575",
"CSAFPID-1650515",
"CSAFPID-1650835",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-26031",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26031",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26031.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-26031"
},
{
"cve": "CVE-2023-26551",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26551",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26551.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0.0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26551"
},
{
"cve": "CVE-2023-26552",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26552",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26552.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26552"
},
{
"cve": "CVE-2023-26553",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26553",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26553.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26553"
},
{
"cve": "CVE-2023-26554",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26554"
},
{
"cve": "CVE-2023-26555",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26555",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-26555.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-26555"
},
{
"cve": "CVE-2023-28484",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-816317",
"CSAFPID-764813",
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-28484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28484.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-220886",
"CSAFPID-816317",
"CSAFPID-764813",
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
}
],
"title": "CVE-2023-28484"
},
{
"cve": "CVE-2023-29469",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
}
],
"product_status": {
"known_affected": [
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-816317",
"CSAFPID-89587",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764250",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-29469",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-29469.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-611417",
"CSAFPID-764731",
"CSAFPID-764732",
"CSAFPID-764733",
"CSAFPID-816317",
"CSAFPID-89587",
"CSAFPID-220886",
"CSAFPID-342816",
"CSAFPID-345049",
"CSAFPID-764752",
"CSAFPID-611390",
"CSAFPID-611394",
"CSAFPID-764764",
"CSAFPID-764765",
"CSAFPID-764766",
"CSAFPID-764767",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764250",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
}
],
"title": "CVE-2023-29469"
},
{
"cve": "CVE-2023-33201",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-1650584",
"CSAFPID-1673397",
"CSAFPID-912561",
"CSAFPID-345049",
"CSAFPID-611390",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-33201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-33201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-764250",
"CSAFPID-611394",
"CSAFPID-1650584",
"CSAFPID-1673397",
"CSAFPID-912561",
"CSAFPID-345049",
"CSAFPID-611390",
"CSAFPID-611417",
"CSAFPID-764274",
"CSAFPID-764275",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-33201"
},
{
"cve": "CVE-2023-37920",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "other",
"text": "Insufficient Verification of Data Authenticity",
"title": "CWE-345"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-37920",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-37920.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612"
]
}
],
"title": "CVE-2023-37920"
},
{
"cve": "CVE-2023-39410",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673404",
"CSAFPID-1673384",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-39410",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-39410.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673404",
"CSAFPID-1673384",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871"
]
}
],
"title": "CVE-2023-39410"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503603",
"CSAFPID-1503575",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-816361",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503603",
"CSAFPID-1503575",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-44981",
"cwe": {
"id": "CWE-639",
"name": "Authorization Bypass Through User-Controlled Key"
},
"notes": [
{
"category": "other",
"text": "Authorization Bypass Through User-Controlled Key",
"title": "CWE-639"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650515",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44981",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44981.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650515",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601"
]
}
],
"title": "CVE-2023-44981"
},
{
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-45288",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45288.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "other",
"text": "Truncation of Security-relevant Information",
"title": "CWE-222"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650765",
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650767",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-48795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-48795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1650765",
"CSAFPID-1650757",
"CSAFPID-1650758",
"CSAFPID-1650767",
"CSAFPID-1650759",
"CSAFPID-1650760",
"CSAFPID-1650761",
"CSAFPID-89587",
"CSAFPID-220643",
"CSAFPID-342816",
"CSAFPID-667692",
"CSAFPID-764250",
"CSAFPID-764813",
"CSAFPID-816317",
"CSAFPID-816361",
"CSAFPID-816798",
"CSAFPID-816799",
"CSAFPID-816800",
"CSAFPID-816801",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-816852",
"CSAFPID-816853",
"CSAFPID-816854",
"CSAFPID-816855",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-816870",
"CSAFPID-816871",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-1503603",
"CSAFPID-1503612",
"CSAFPID-1503575",
"CSAFPID-1503640",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-49083",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-49083",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-49083.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-49083"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "other",
"text": "Missing Critical Step in Authentication",
"title": "CWE-304"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51384",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51384.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-51385",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-51385.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2023-52425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52425",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52425.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-52426",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)",
"title": "CWE-776"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52426",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52426.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2024-1874",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-1874",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-1874.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-1874"
},
{
"cve": "CVE-2024-2408",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"category": "other",
"text": "Observable Discrepancy",
"title": "CWE-203"
},
{
"category": "other",
"text": "Observable Timing Discrepancy",
"title": "CWE-208"
},
{
"category": "other",
"text": "Use of a Broken or Risky Cryptographic Algorithm",
"title": "CWE-327"
},
{
"category": "other",
"text": "Covert Timing Channel",
"title": "CWE-385"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2408",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2408.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-2408"
},
{
"cve": "CVE-2024-2511",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improperly Controlled Sequential Memory Allocation",
"title": "CWE-1325"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2511",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2511.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-4577",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4577",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4577.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-4577"
},
{
"cve": "CVE-2024-4603",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"category": "other",
"text": "Unchecked Input for Loop Condition",
"title": "CWE-606"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4603",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4603.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-4603"
},
{
"cve": "CVE-2024-4741",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4741",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4741.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-4741"
},
{
"cve": "CVE-2024-5458",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5458",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5458.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-5458"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"title": "CWE-119"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5535",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5535.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-5585",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"title": "CWE-78"
},
{
"category": "other",
"text": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"title": "CWE-88"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5585",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5585.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673422",
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-5585"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "other",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6119",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6119.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673508",
"CSAFPID-1673525"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6232",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-6232",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6232.json"
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-7264",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673529",
"CSAFPID-1673479",
"CSAFPID-1673511",
"CSAFPID-1673512"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7264",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7264.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673529",
"CSAFPID-1673479",
"CSAFPID-1673511",
"CSAFPID-1673512"
]
}
],
"title": "CVE-2024-7264"
},
{
"cve": "CVE-2024-7592",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-7592",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-7592.json"
}
],
"title": "CVE-2024-7592"
},
{
"cve": "CVE-2024-21131",
"product_status": {
"known_affected": [
"CSAFPID-1503299",
"CSAFPID-1503306",
"CSAFPID-1503302",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21131",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21131.json"
}
],
"title": "CVE-2024-21131"
},
{
"cve": "CVE-2024-21138",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21138",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21138.json"
}
],
"title": "CVE-2024-21138"
},
{
"cve": "CVE-2024-21140",
"product_status": {
"known_affected": [
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503299",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21140",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21140.json"
}
],
"title": "CVE-2024-21140"
},
{
"cve": "CVE-2024-21144",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21144",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21144.json"
}
],
"title": "CVE-2024-21144"
},
{
"cve": "CVE-2024-21145",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503299",
"CSAFPID-1503306",
"CSAFPID-1503302",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21145",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21145.json"
}
],
"title": "CVE-2024-21145"
},
{
"cve": "CVE-2024-21147",
"product_status": {
"known_affected": [
"CSAFPID-1503306",
"CSAFPID-1503302",
"CSAFPID-1503299",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21147",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21147.json"
}
],
"title": "CVE-2024-21147"
},
{
"cve": "CVE-2024-21233",
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21233",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21233.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-21233"
},
{
"cve": "CVE-2024-21242",
"product_status": {
"known_affected": [
"CSAFPID-1673443",
"CSAFPID-1673444",
"CSAFPID-1673445"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21242",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21242.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673443",
"CSAFPID-1673444",
"CSAFPID-1673445"
]
}
],
"title": "CVE-2024-21242"
},
{
"cve": "CVE-2024-21251",
"product_status": {
"known_affected": [
"CSAFPID-1673450",
"CSAFPID-1673451",
"CSAFPID-1673452"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21251",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21251.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673450",
"CSAFPID-1673451",
"CSAFPID-1673452"
]
}
],
"title": "CVE-2024-21251"
},
{
"cve": "CVE-2024-21261",
"product_status": {
"known_affected": [
"CSAFPID-1673144",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21261",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21261.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673144",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-21261"
},
{
"cve": "CVE-2024-22018",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22018",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22018.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-22018"
},
{
"cve": "CVE-2024-22020",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22020",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22020.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-22020"
},
{
"cve": "CVE-2024-22201",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673384",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-22201",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-22201.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673384",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-22201"
},
{
"cve": "CVE-2024-23807",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1650831",
"CSAFPID-1650825",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23807",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23807.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1650831",
"CSAFPID-1650825",
"CSAFPID-1673479",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-23807"
},
{
"cve": "CVE-2024-23944",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23944",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23944.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-23944"
},
{
"cve": "CVE-2024-24989",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24989",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24989.json"
}
],
"title": "CVE-2024-24989"
},
{
"cve": "CVE-2024-24990",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24990",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24990.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-24990"
},
{
"cve": "CVE-2024-25710",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-342816",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-912046",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25710",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-25710.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-342816",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-912046",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-25710"
},
{
"cve": "CVE-2024-26130",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26130",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26130.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816798",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-26130"
},
{
"cve": "CVE-2024-26308",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-26308",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-26308.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1673384",
"CSAFPID-816871",
"CSAFPID-816798",
"CSAFPID-342816",
"CSAFPID-764275",
"CSAFPID-764752",
"CSAFPID-816801",
"CSAFPID-816846",
"CSAFPID-912044",
"CSAFPID-912045",
"CSAFPID-912046",
"CSAFPID-912561",
"CSAFPID-912567",
"CSAFPID-912600",
"CSAFPID-912601",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-816845",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-26308"
},
{
"cve": "CVE-2024-27983",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-27983",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-27983.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-27983"
},
{
"cve": "CVE-2024-28182",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673442",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28182",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673442",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28849",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28849.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-89587",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-28849"
},
{
"cve": "CVE-2024-28887",
"cwe": {
"id": "CWE-427",
"name": "Uncontrolled Search Path Element"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Search Path Element",
"title": "CWE-427"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28887",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-28887.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-28887"
},
{
"cve": "CVE-2024-29025",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673488",
"CSAFPID-1673489",
"CSAFPID-1673491",
"CSAFPID-1673492",
"CSAFPID-1673493",
"CSAFPID-1673495",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29025",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29025.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673488",
"CSAFPID-1673489",
"CSAFPID-1673491",
"CSAFPID-1673492",
"CSAFPID-1673493",
"CSAFPID-1673495",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-29025"
},
{
"cve": "CVE-2024-29131",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29131",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29131.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-29131"
},
{
"cve": "CVE-2024-29133",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-29133",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-29133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1673497",
"CSAFPID-1673397",
"CSAFPID-1673384",
"CSAFPID-1503575",
"CSAFPID-1503603",
"CSAFPID-764250",
"CSAFPID-1503612",
"CSAFPID-1503640",
"CSAFPID-342816",
"CSAFPID-816845",
"CSAFPID-816846",
"CSAFPID-1503299",
"CSAFPID-1503302",
"CSAFPID-1503306",
"CSAFPID-1503661",
"CSAFPID-1503663",
"CSAFPID-764813"
]
}
],
"title": "CVE-2024-29133"
},
{
"cve": "CVE-2024-31079",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-31079",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-31079.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-31079"
},
{
"cve": "CVE-2024-32760",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-32760",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-32760.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-32760"
},
{
"cve": "CVE-2024-34161",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "other",
"text": "Missing Release of Memory after Effective Lifetime",
"title": "CWE-401"
},
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34161",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34161.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-34161"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673504",
"CSAFPID-1673506"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673504",
"CSAFPID-1673506"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-35200",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35200",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-35200.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-35200"
},
{
"cve": "CVE-2024-36137",
"cwe": {
"id": "CWE-275",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-275",
"title": "CWE-275"
},
{
"category": "other",
"text": "Incorrect Permission Assignment for Critical Resource",
"title": "CWE-732"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36137",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36137.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-36137"
},
{
"cve": "CVE-2024-36138",
"cwe": {
"id": "CWE-77",
"name": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"title": "CWE-77"
}
],
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36138",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36138.json"
}
],
"title": "CVE-2024-36138"
},
{
"cve": "CVE-2024-36387",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36387",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36387.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-36387"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37370",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37370.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673507",
"CSAFPID-1673508",
"CSAFPID-1673509"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-37372",
"product_status": {
"known_affected": [
"CSAFPID-89587"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37372",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37372.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-89587"
]
}
],
"title": "CVE-2024-37372"
},
{
"cve": "CVE-2024-38356",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38356",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38356.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38356"
},
{
"cve": "CVE-2024-38357",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38357",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38357.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1673510",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38357"
},
{
"cve": "CVE-2024-38472",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38472",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38472.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38472"
},
{
"cve": "CVE-2024-38473",
"cwe": {
"id": "CWE-172",
"name": "Encoding Error"
},
"notes": [
{
"category": "other",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38473",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38473.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38473"
},
{
"cve": "CVE-2024-38474",
"cwe": {
"id": "CWE-172",
"name": "Encoding Error"
},
"notes": [
{
"category": "other",
"text": "Encoding Error",
"title": "CWE-172"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38474",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38474.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38474"
},
{
"cve": "CVE-2024-38475",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Encoding or Escaping of Output",
"title": "CWE-116"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38475",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38475.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38475"
},
{
"cve": "CVE-2024-38476",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Inclusion of Functionality from Untrusted Control Sphere",
"title": "CWE-829"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38476",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38476.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38476"
},
{
"cve": "CVE-2024-38477",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38477",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38477.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-38477"
},
{
"cve": "CVE-2024-38998",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38998",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38998.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38998"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673511",
"CSAFPID-1673512",
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-39573",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39573",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39573.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-39573"
},
{
"cve": "CVE-2024-39884",
"cwe": {
"id": "CWE-18",
"name": "-"
},
"notes": [
{
"category": "other",
"text": "CWE-18",
"title": "CWE-18"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39884",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39884.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417"
]
}
],
"title": "CVE-2024-39884"
},
{
"cve": "CVE-2024-40725",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Exposure of Resource to Wrong Sphere",
"title": "CWE-668"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40725",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40725.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
}
],
"title": "CVE-2024-40725"
},
{
"cve": "CVE-2024-40898",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-40898",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-40898.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-345049",
"CSAFPID-611417",
"CSAFPID-1673479"
]
}
],
"title": "CVE-2024-40898"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "other",
"text": "Incorrect Calculation of Buffer Size",
"title": "CWE-131"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45490",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45490.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45491",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45491.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45492",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45492.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1673385",
"CSAFPID-1673442",
"CSAFPID-1673386"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45801",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1503575",
"CSAFPID-1673188"
]
}
],
"title": "CVE-2024-45801"
}
]
}
ncsc-2024-0466
Vulnerability from csaf_ncscnl
Published
2024-12-06 13:05
Modified
2024-12-06 13:05
Summary
Kwetsbaarheden verholpen in Atlassian producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.
Interpretaties
De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.
Voor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.
Oplossingen
Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-755
Improper Handling of Exceptional Conditions
CWE-347
Improper Verification of Cryptographic Signature
CWE-1050
Excessive Platform Resource Consumption within a Loop
CWE-23
Relative Path Traversal
CWE-1333
Inefficient Regular Expression Complexity
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-400
Uncontrolled Resource Consumption
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-502
Deserialization of Untrusted Data
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-20
Improper Input Validation
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Atlassian heeft kwetsbaarheden verholpen in diverse producten als Jira, Bamboo en Confluence.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden bevinden zich in verschillende third party componenten van ontwikkelaars zoals Oracle, RedHat en het Apache consortium. Deze kwetsbaarheden kunnen leiden tot geheugenuitputting en Denial-of-Service (DoS) door onjuiste invoerbeperkingen. Aanvallers kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde verzoeken te sturen, wat kan resulteren in systeeminstabiliteit en crashes.\nVoor de kwetsbaarheden zijn door de diverse ontwikkelaars updates uitgebracht om ze te verhelpen. Atlassian heeft de updates verwerkt in de eigen producten.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Atlassian heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Excessive Platform Resource Consumption within a Loop",
"title": "CWE-1050"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - certbundde",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-19-2024-1456179091.html"
}
],
"title": "Kwetsbaarheden verholpen in Atlassian producten",
"tracking": {
"current_release_date": "2024-12-06T13:05:55.904619Z",
"id": "NCSC-2024-0466",
"initial_release_date": "2024-12-06T13:05:55.904619Z",
"revision_history": [
{
"date": "2024-12-06T13:05:55.904619Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "atlassian_bamboo__10.0.0",
"product": {
"name": "atlassian_bamboo__10.0.0",
"product_id": "CSAFPID-1645374",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__10.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bamboo__9.2.17",
"product": {
"name": "atlassian_bamboo__9.2.17",
"product_id": "CSAFPID-1621163",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.2.17:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bamboo__9.6.4",
"product": {
"name": "atlassian_bamboo__9.6.4",
"product_id": "CSAFPID-1645371",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bamboo__9.6.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__8.19.9",
"product": {
"name": "atlassian_bitbucket__8.19.9",
"product_id": "CSAFPID-1645370",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.19.9:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__8.9.19",
"product": {
"name": "atlassian_bitbucket__8.9.19",
"product_id": "CSAFPID-1645373",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__8.9.19:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_bitbucket__9.0.0",
"product": {
"name": "atlassian_bitbucket__9.0.0",
"product_id": "CSAFPID-1645372",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_bitbucket__9.0.0:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__7.19.26",
"product": {
"name": "atlassian_confluence__7.19.26",
"product_id": "CSAFPID-1621160",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__7.19.26__lts_",
"product": {
"name": "atlassian_confluence__7.19.26__lts_",
"product_id": "CSAFPID-1621135",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__7.19.26__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.5.12",
"product": {
"name": "atlassian_confluence__8.5.12",
"product_id": "CSAFPID-1645510",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.12:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.5.14__lts_",
"product": {
"name": "atlassian_confluence__8.5.14__lts_",
"product_id": "CSAFPID-1621133",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.5.14__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__8.9.4",
"product": {
"name": "atlassian_confluence__8.9.4",
"product_id": "CSAFPID-1645509",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__8.9.4:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence__9.0.1",
"product": {
"name": "atlassian_confluence__9.0.1",
"product_id": "CSAFPID-1621161",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence__9.0.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_confluence_data_center__9.0.1",
"product": {
"name": "atlassian_confluence_data_center__9.0.1",
"product_id": "CSAFPID-1621140",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_confluence_data_center__9.0.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software__9.12.12__lts_",
"product": {
"name": "atlassian_jira_software__9.12.12__lts_",
"product_id": "CSAFPID-1621142",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.12.12__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software__9.4.25__lts_",
"product": {
"name": "atlassian_jira_software__9.4.25__lts_",
"product_id": "CSAFPID-1621143",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software__9.4.25__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_data_center__9.17.1",
"product": {
"name": "atlassian_jira_software_data_center__9.17.1",
"product_id": "CSAFPID-1621141",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_data_center__9.17.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management__5.12.12__lts_",
"product": {
"name": "atlassian_jira_software_service_management__5.12.12__lts_",
"product_id": "CSAFPID-1621138",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.12.12__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management__5.4.25__lts_",
"product": {
"name": "atlassian_jira_software_service_management__5.4.25__lts_",
"product_id": "CSAFPID-1621139",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management__5.4.25__lts_:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "atlassian_jira_software_service_management_data_center__5.17.1",
"product": {
"name": "atlassian_jira_software_service_management_data_center__5.17.1",
"product_id": "CSAFPID-1621137",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:atlassian_jira_software_service_management_data_center__5.17.1:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bamboo",
"product": {
"name": "bamboo",
"product_id": "CSAFPID-716889",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:bamboo:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "bitbucket",
"product": {
"name": "bitbucket",
"product_id": "CSAFPID-1725084",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:bitbucket:-:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "confluence",
"product": {
"name": "confluence",
"product_id": "CSAFPID-551338",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "jira_software",
"product": {
"name": "jira_software",
"product_id": "CSAFPID-1725085",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:jira_software:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1724900",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1725556",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:macos:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree",
"product": {
"name": "sourcetree",
"product_id": "CSAFPID-1725557",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree_for_mac",
"product": {
"name": "sourcetree_for_mac",
"product_id": "CSAFPID-1724286",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree_for_mac:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "sourcetree_for_windows",
"product": {
"name": "sourcetree_for_windows",
"product_id": "CSAFPID-1724287",
"product_identification_helper": {
"cpe": "cpe:2.3:a:atlassian:sourcetree_for_windows:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "atlassian"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-38900",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-38900",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-38900.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-551338"
]
}
],
"title": "CVE-2022-38900"
},
{
"cve": "CVE-2023-46234",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46234",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46234.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-551338"
]
}
],
"title": "CVE-2023-46234"
},
{
"cve": "CVE-2023-52428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338",
"CSAFPID-1725085",
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-52428",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-52428.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-551338",
"CSAFPID-1725085",
"CSAFPID-716889"
]
}
],
"title": "CVE-2023-52428"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"notes": [
{
"category": "other",
"text": "Excessive Platform Resource Consumption within a Loop",
"title": "CWE-1050"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-4068",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-4068.json"
}
],
"title": "CVE-2024-4068"
},
{
"cve": "CVE-2024-21697",
"product_status": {
"known_affected": [
"CSAFPID-1724286",
"CSAFPID-1724287",
"CSAFPID-1725556",
"CSAFPID-1725557"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-21697",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-21697.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-1724286",
"CSAFPID-1724287",
"CSAFPID-1725556",
"CSAFPID-1725557"
]
}
],
"title": "CVE-2024-21697"
},
{
"cve": "CVE-2024-24549",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1725084",
"CSAFPID-551338"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1725084",
"CSAFPID-551338"
]
}
],
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-30172",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1621160",
"CSAFPID-1621161",
"CSAFPID-1645509",
"CSAFPID-1645510",
"CSAFPID-551338",
"CSAFPID-1725084"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-30172",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-30172.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1621160",
"CSAFPID-1621161",
"CSAFPID-1645509",
"CSAFPID-1645510",
"CSAFPID-551338",
"CSAFPID-1725084"
]
}
],
"title": "CVE-2024-30172"
},
{
"cve": "CVE-2024-34750",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1621133",
"CSAFPID-1621135",
"CSAFPID-1621137",
"CSAFPID-1621138",
"CSAFPID-1621139",
"CSAFPID-1621140",
"CSAFPID-1621141",
"CSAFPID-1621142",
"CSAFPID-1621143",
"CSAFPID-1621163",
"CSAFPID-1645370",
"CSAFPID-1645371",
"CSAFPID-1645372",
"CSAFPID-1645373",
"CSAFPID-1645374"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-34750",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-34750.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1621133",
"CSAFPID-1621135",
"CSAFPID-1621137",
"CSAFPID-1621138",
"CSAFPID-1621139",
"CSAFPID-1621140",
"CSAFPID-1621141",
"CSAFPID-1621142",
"CSAFPID-1621143",
"CSAFPID-1621163",
"CSAFPID-1645370",
"CSAFPID-1645371",
"CSAFPID-1645372",
"CSAFPID-1645373",
"CSAFPID-1645374"
]
}
],
"title": "CVE-2024-34750"
},
{
"cve": "CVE-2024-38286",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"references": [
{
"category": "self",
"summary": "CVE-2024-38286",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38286.json"
}
],
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-38816",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
}
],
"product_status": {
"known_affected": [
"CSAFPID-551338",
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38816",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38816.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-551338",
"CSAFPID-716889"
]
}
],
"title": "CVE-2024-38816"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1725085"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-45801",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-45801.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1725085"
]
}
],
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-716889"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-716889"
]
}
],
"title": "CVE-2024-47561"
}
]
}
rhsa-2024_7324
Vulnerability from csaf_redhat
Published
2024-10-02 12:03
Modified
2024-12-18 04:39
Summary
Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.9.7
Notes
Topic
Logging for Red Hat OpenShift - 5.9.7
Details
Logging for Red Hat OpenShift - 5.9.7
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging for Red Hat OpenShift - 5.9.7",
"title": "Topic"
},
{
"category": "general",
"text": "Logging for Red Hat OpenShift - 5.9.7",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7324",
"url": "https://access.redhat.com/errata/RHSA-2024:7324"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "LOG-5950",
"url": "https://issues.redhat.com/browse/LOG-5950"
},
{
"category": "external",
"summary": "LOG-6041",
"url": "https://issues.redhat.com/browse/LOG-6041"
},
{
"category": "external",
"summary": "LOG-6125",
"url": "https://issues.redhat.com/browse/LOG-6125"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7324.json"
}
],
"title": "Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.9.7",
"tracking": {
"current_release_date": "2024-12-18T04:39:20+00:00",
"generator": {
"date": "2024-12-18T04:39:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:7324",
"initial_release_date": "2024-10-02T12:03:29+00:00",
"revision_history": [
{
"date": "2024-10-02T12:03:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-02T12:03:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:39:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.9 for RHEL 9",
"product": {
"name": "RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.9::el9"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.7-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-282"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-301"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"product_id": "openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.1.1-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"product_id": "openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-653"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-288"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.7-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.9.7-11"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-282"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-301"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.1.1-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"product_id": "openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.9.7-16"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-653"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-288"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.7-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-282"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-301"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"product_id": "openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.1.1-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x",
"product_id": "openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-653"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-288"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"product_id": "openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel9-operator\u0026tag=v5.9.7-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel9\u0026tag=v1.1.0-282"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"product_id": "openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel9\u0026tag=v0.4.0-301"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"product_id": "openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel9\u0026tag=v5.9.7-3"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"product_id": "openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel9\u0026tag=v3.1.1-10"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"product": {
"name": "openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"product_id": "openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel9\u0026tag=v0.34.1-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel9\u0026tag=v5.9.7-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"product": {
"name": "openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"product_id": "openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel9-operator\u0026tag=v5.9.7-7"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel9\u0026tag=v0.1.0-653"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"product_id": "openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel9\u0026tag=v0.1.0-288"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64 as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"relates_to_product_reference": "9Base-RHOL-5.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x as a component of RHOL 5.9 for RHEL 9",
"product_id": "9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
},
"product_reference": "openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x",
"relates_to_product_reference": "9Base-RHOL-5.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-6104",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2024-06-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2294000"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-retryablehttp: url might write sensitive information to log file",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6104"
},
{
"category": "external",
"summary": "RHBZ#2294000",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294000"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6104",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6104"
}
],
"release_date": "2024-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-02T12:03:29+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nFor Red Hat OpenShift Logging 5.9, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.14/logging/cluster-logging-upgrading.html",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7324"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go-retryablehttp: url might write sensitive information to log file"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-02T12:03:29+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nFor Red Hat OpenShift Logging 5.9, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.14/logging/cluster-logging-upgrading.html",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7324"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-02T12:03:29+00:00",
"details": "For OpenShift Container Platform 4.14 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.14/release_notes/ocp-4-14-release-notes.html\n\nFor Red Hat OpenShift Logging 5.9, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.14/logging/cluster-logging-upgrading.html",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7324"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOL-5.9:openshift-logging/cluster-logging-operator-bundle@sha256:3b1f61f40556c931ec5bc8a99a6c7917bc5cb7dd6fe13ef8cd2603882d0eee58_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:81429833f5eace1ed0551c24e36f4b62e6f8e636b0aaa9d51ca631bd38e39d55_amd64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:c6bad5602c46f96702e1a8229d4cf2d0a52448b52921baf956be73d13b17238a_arm64",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:d141094a566076a1a6446432d879e3d2d04a9d2d4d6b312329939b149edefa74_ppc64le",
"9Base-RHOL-5.9:openshift-logging/cluster-logging-rhel9-operator@sha256:da1b89713f57187a47e213bf2327253d4b86f67a1782542c50d53a0aff9fb32d_s390x",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:1a8036416fe14318ef86d4c5c647fb9fb0df1b46a5d49f3e814a2502e026f6c9_amd64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:55bddb959a24589db81c899b763d93e52d39c03e949341ab59139af4646657d7_ppc64le",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:b873cbc4bfff8e599afa0adf773a62f1e4884d1199dd3c42cfb1062ea064b0e1_arm64",
"9Base-RHOL-5.9:openshift-logging/eventrouter-rhel9@sha256:e1390da0cb3e5947d394bbff3fa1df521a26c5be01ea829024a28cc4b960d14a_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:473a6e8f3f9b879038eeffbd9ea3f1ce51fd30e2614598f5ed96a9699e1e0840_s390x",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:6e3aedfb93fb759ebd5e88d6fcd5b7733a3e64b86bcf33569cd8abd833ca5317_arm64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:87ee3510ca2eafafc914fbafb591d871757ebbfe6ff1765b3d448c3fa1f9f1a4_amd64",
"9Base-RHOL-5.9:openshift-logging/fluentd-rhel9@sha256:e39aeb29fead7c4899b76b9fd90a03b49875de0660dc0f701885617c4ebd2ee5_ppc64le",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:0e20cce12cf234424ba883d582e4b5409d5abad895ea1411ed94400a919efa26_s390x",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:165d702c6c6a3f882ac7b413510cb119239ad338012a58033ba9c80757ee6f0d_amd64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:8a3d87c76ccca2710d4009c483ff3849c0db0097134bf522eedfac20236b72a3_arm64",
"9Base-RHOL-5.9:openshift-logging/log-file-metric-exporter-rhel9@sha256:b4e6a62a9711825f16d61bce5ce8926773671aa0fa826122a0a9cc7ce0a35f04_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:35e06a641268891b41c419e7471038eaee91cb8a4807e1ad2052832a053d8044_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:4f887ba3569acde13bf34fa86cd8e2899281f9d4efc83f6ddaf18cc39f9b8f24_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:6ed9df1170b26d52fd6fd825c4f80603e6e481e1d0cfad67cdc8f68ffb10cce8_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-loki-rhel9@sha256:f6664dc6c451fae94f44aa48b7d7d33f57f5fde96dbddb9717f00865a26c167a_arm64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:656f64a6a55c116fd22046faff1ffd218ee849342e69a4eb6c4b567e8c21ccd2_amd64",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:96f3970d474e6853cdb8f0ce1b9eb30b71063f8968d573d6593a45b3bb2d1775_ppc64le",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:aceefa76322cf8571a9a8b12fdcba70616fa2bc9f148223fe571505717b10f88_s390x",
"9Base-RHOL-5.9:openshift-logging/logging-view-plugin-rhel9@sha256:f0c4675a9fe55da1289949cc94f2fdc086007e1d72a12a8af2340fcaed8e9bf4_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-operator-bundle@sha256:a0f8da449df26650a1b5f0e756c91970702158fd4336c5c8b6bbef68d944eed1_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:2139b6fe5592c6591241c177ece47489be7e1c074f4be0032bd69c6075a06560_amd64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:a248f058102d9c31b0fa625a3ec6571ed707039b72186c1bb2b72d5dd5d76aab_arm64",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:ce77679763582b1d79a0b1873ccad041c390f66d2b2731029424fd71a929c68a_s390x",
"9Base-RHOL-5.9:openshift-logging/loki-rhel9-operator@sha256:dd12b57741366236dadec539b8a713a6b76a8e6e5ddfd06f55375c6cc3f07b61_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:23758e547a97de164a49e4b248a6548d9a738fafd3410702dce8c3eaa6c726ea_ppc64le",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:6daf7232e68fb9cf96bb924280b3dd489155c66bf968d3fab08bde877c7ddf1e_arm64",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:8ff03e32e8a86128f0d86897ef6d51b8e550331687b04e794d39aff92085c20d_s390x",
"9Base-RHOL-5.9:openshift-logging/lokistack-gateway-rhel9@sha256:db61beb43140554de31dfa4d8774ff6f12d629d38d27e017e800f973f87a66d5_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:048295f3106b5c3681c5f3bd43fc189fb27974403983e097c118c0789ebe8f22_arm64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2c73b67aace0a88a5946511ac323e873b27baa4a1678d9b3a5aecc303630e5e2_amd64",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:2d2139f6b181b70ac42953f1eb1c473a370b6835c13a1042eaa95312873f3f4f_ppc64le",
"9Base-RHOL-5.9:openshift-logging/opa-openshift-rhel9@sha256:8fc51ae71af5522c84b6653fc9930b6d64b900396c6d253d340ac74ffd5ad300_s390x",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:323ed7b70de3cca05ab437ad4839527e3123cd039fc80acd16e3cfabcaf1046b_arm64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:33d17ee43f935f9ecd123621ca19e957d95b4f9f1e16df5192330c69abaf6fb6_amd64",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:9c0aa87656a48d99ba3cd82350db54bb6303749e11e3a39252e1f58f18157bbe_ppc64le",
"9Base-RHOL-5.9:openshift-logging/vector-rhel9@sha256:fa22505c9f61ec65d258125530bffe12e925be8e7f4479266c6e717eaed89aa5_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
rhsa-2024_7706
Vulnerability from csaf_redhat
Published
2024-10-07 01:12
Modified
2024-12-17 19:02
Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Notes
Topic
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.
Security Fix(es):
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "An update is now available for the Red Hat build of Cryostat 3 on RHEL 8.\n\nSecurity Fix(es):\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7706",
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7706.json"
}
],
"title": "Red Hat Security Advisory: Red Hat build of Cryostat security update",
"tracking": {
"current_release_date": "2024-12-17T19:02:22+00:00",
"generator": {
"date": "2024-12-17T19:02:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:7706",
"initial_release_date": "2024-10-07T01:12:29+00:00",
"revision_history": [
{
"date": "2024-10-07T01:12:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-07T01:12:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T19:02:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Cryostat 3 on RHEL 8",
"product": {
"name": "Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:cryostat:3::el8"
}
}
}
],
"category": "product_family",
"name": "Cryostat"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f?arch=arm64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.1-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product_id": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-db-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product_id": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-grafana-dashboard-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product_id": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product_id": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-reports-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product_id": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product_id": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-operator-bundle\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product_id": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-rhel8-operator\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product_id": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/cryostat-storage-rhel8\u0026tag=3.0.1-3"
}
}
},
{
"category": "product_version",
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product_id": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455?arch=amd64\u0026repository_url=registry.redhat.io/cryostat-tech-preview/jfr-datasource-rhel8\u0026tag=3.0.1-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64"
},
"product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64"
},
"product_reference": "cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64"
},
"product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"relates_to_product_reference": "8Base-Cryostat-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64 as a component of Cryostat 3 on RHEL 8",
"product_id": "8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
},
"product_reference": "cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64",
"relates_to_product_reference": "8Base-Cryostat-3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T01:12:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-07T01:12:29+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7706"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:94f2ad856ccc1d3efed8871303ac0a0792efe8150ba0e7e1152f02e8e3acc80a_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-db-rhel8@sha256:cde38f98de9a139e0fa7e835dfc1d2c56ee91087cd01da4ce4bc46b06e0fd7ec_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:8ce54e90618eaa45627ed97e55a93e7754006f760b2f2e619c02f93c9acb5ce3_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-grafana-dashboard-rhel8@sha256:944d74356fd1997334e40e2ed60a2d2f3a4730895a4dab0e5952fc8de51edf3a_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:82a87b4ee8e5a4ebdb4f3c5df7d3d7ff5e8ebcf4313548072c0dbed08df2eb51_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-operator-bundle@sha256:93d0b7f6a0bb26707fffb1b18485427641711dbc6161effb28b4b5eaee5a612d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:4e8c4c26564bfa6d15cb3dd1ed0bf1a707f0dee78ddd1c0f801acd740f06ab0f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-ose-oauth-proxy-rhel8@sha256:c38a44a12a45b65045576ab373e7d18641995709c4d330e01c3fe23ad74a280f_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:194e839e5733e70303b38d212362898b03fe0c12765726b159703d718787e7d6_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-reports-rhel8@sha256:2bc3f4475c1eac40cda1528944416f42af49b669fec8762e3dbad40a023f3bb4_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:af720cf07d638057b31dea56cc3514d394dc39461acef8d2573c4b0205c309d7_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8-operator@sha256:ff17460450719304fff283aeeb2ac59f9644bb2c659d38ea7520fe31b8aff41d_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:180392716b08b100430cddfd46b84c1b5b2a8648d53a36e67e1984359d5bba3b_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-rhel8@sha256:aef0dc11169bf71824ff16a3fe307343cd07522b10e0759912f77c1b1e05b34c_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:5296794a5d38c60165a86671ced7e3812f75e2355d8a6d9721ab89accc93c1a6_amd64",
"8Base-Cryostat-3:cryostat-tech-preview/cryostat-storage-rhel8@sha256:7e2ec282045e2698b254a26142c38d9923a8fbc0f7e096539df1f9fa86163234_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:30a0e9843b9b8f11305788baaef33534144dbe04e9b314e04534e6f13967b69f_arm64",
"8Base-Cryostat-3:cryostat-tech-preview/jfr-datasource-rhel8@sha256:d6aca1dcf4bee8abfa4f0c674e7cdad49289d2c8bd77e0ccdd44e0e93df66455_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
rhsa-2024_8014
Vulnerability from csaf_redhat
Published
2024-10-22 01:05
Modified
2024-12-18 04:39
Summary
Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift
Notes
Topic
Network Observability 1.7 for Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details
Network Observability 1.7.0
Security Fix(es):
* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)
* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)
* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)
* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)
* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* Network Observability: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Network Observability 1.7 for Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Observability 1.7.0\n\nSecurity Fix(es):\n\n* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)\n* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)\n* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)\n* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n* Network Observability: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8014",
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "NETOBSERV-1377",
"url": "https://issues.redhat.com/browse/NETOBSERV-1377"
},
{
"category": "external",
"summary": "NETOBSERV-1509",
"url": "https://issues.redhat.com/browse/NETOBSERV-1509"
},
{
"category": "external",
"summary": "NETOBSERV-1538",
"url": "https://issues.redhat.com/browse/NETOBSERV-1538"
},
{
"category": "external",
"summary": "NETOBSERV-1540",
"url": "https://issues.redhat.com/browse/NETOBSERV-1540"
},
{
"category": "external",
"summary": "NETOBSERV-1564",
"url": "https://issues.redhat.com/browse/NETOBSERV-1564"
},
{
"category": "external",
"summary": "NETOBSERV-163",
"url": "https://issues.redhat.com/browse/NETOBSERV-163"
},
{
"category": "external",
"summary": "NETOBSERV-1666",
"url": "https://issues.redhat.com/browse/NETOBSERV-1666"
},
{
"category": "external",
"summary": "NETOBSERV-1667",
"url": "https://issues.redhat.com/browse/NETOBSERV-1667"
},
{
"category": "external",
"summary": "NETOBSERV-1733",
"url": "https://issues.redhat.com/browse/NETOBSERV-1733"
},
{
"category": "external",
"summary": "NETOBSERV-1746",
"url": "https://issues.redhat.com/browse/NETOBSERV-1746"
},
{
"category": "external",
"summary": "NETOBSERV-1748",
"url": "https://issues.redhat.com/browse/NETOBSERV-1748"
},
{
"category": "external",
"summary": "NETOBSERV-1753",
"url": "https://issues.redhat.com/browse/NETOBSERV-1753"
},
{
"category": "external",
"summary": "NETOBSERV-1766",
"url": "https://issues.redhat.com/browse/NETOBSERV-1766"
},
{
"category": "external",
"summary": "NETOBSERV-1779",
"url": "https://issues.redhat.com/browse/NETOBSERV-1779"
},
{
"category": "external",
"summary": "NETOBSERV-1783",
"url": "https://issues.redhat.com/browse/NETOBSERV-1783"
},
{
"category": "external",
"summary": "NETOBSERV-1788",
"url": "https://issues.redhat.com/browse/NETOBSERV-1788"
},
{
"category": "external",
"summary": "NETOBSERV-1798",
"url": "https://issues.redhat.com/browse/NETOBSERV-1798"
},
{
"category": "external",
"summary": "NETOBSERV-1805",
"url": "https://issues.redhat.com/browse/NETOBSERV-1805"
},
{
"category": "external",
"summary": "NETOBSERV-1806",
"url": "https://issues.redhat.com/browse/NETOBSERV-1806"
},
{
"category": "external",
"summary": "NETOBSERV-1808",
"url": "https://issues.redhat.com/browse/NETOBSERV-1808"
},
{
"category": "external",
"summary": "NETOBSERV-1811",
"url": "https://issues.redhat.com/browse/NETOBSERV-1811"
},
{
"category": "external",
"summary": "NETOBSERV-1812",
"url": "https://issues.redhat.com/browse/NETOBSERV-1812"
},
{
"category": "external",
"summary": "NETOBSERV-1813",
"url": "https://issues.redhat.com/browse/NETOBSERV-1813"
},
{
"category": "external",
"summary": "NETOBSERV-1816",
"url": "https://issues.redhat.com/browse/NETOBSERV-1816"
},
{
"category": "external",
"summary": "NETOBSERV-1819",
"url": "https://issues.redhat.com/browse/NETOBSERV-1819"
},
{
"category": "external",
"summary": "NETOBSERV-1848",
"url": "https://issues.redhat.com/browse/NETOBSERV-1848"
},
{
"category": "external",
"summary": "NETOBSERV-1884",
"url": "https://issues.redhat.com/browse/NETOBSERV-1884"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8014.json"
}
],
"title": "Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift",
"tracking": {
"current_release_date": "2024-12-18T04:39:27+00:00",
"generator": {
"date": "2024-12-18T04:39:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:8014",
"initial_release_date": "2024-10-22T01:05:39+00:00",
"revision_history": [
{
"date": "2024-10-22T01:05:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-22T01:05:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:39:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NETOBSERV 1.7 for RHEL 9",
"product": {
"name": "NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9"
}
}
}
],
"category": "product_family",
"name": "Network Observability"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_id": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_id": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-34158",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2024-09-06T21:20:12.126400+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310529"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "RHBZ#2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158"
},
{
"category": "external",
"summary": "https://go.dev/cl/611240",
"url": "https://go.dev/cl/611240"
},
{
"category": "external",
"summary": "https://go.dev/issue/69141",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3107",
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"release_date": "2024-09-06T21:15:12.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
rhsa-2024_10762
Vulnerability from csaf_redhat
Published
2024-12-03 16:20
Modified
2024-12-18 04:36
Summary
Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
Notes
Topic
An update is now available for Red Hat Ansible Automation Platform 2.4
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.
Security Fix(es):
* automation-controller: dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)
* automation-controller: path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging (CVE-2024-8775)
* ansible-core: ansible-core user may read/write unauthorized content (CVE-2024-9902)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updates and fixes for automation controller:
* Fix job schedules running at incorrect times when rrule interval was set to HOURLY or MINUTELY (AAP-36573)
* Fixed an issue where sensitive data was displayed in the job output (AAP-35582)
* With this update, you can now save a constructed inventory when verbosity is greater than 2 (AAP-35570)
* Fix bug where unrelated jobs could be marked as a dependency of other jobs (AAP-35310)
* Add support for receiving webhooks from Bitbucket Data Center, and add support for posting build statuses back (AAP-35013)
* Notification List no longer errors when notifications have a missing or null organization field (AAP-34051)
* Fixed an issue where Thycotic secret server credentials form fields were mis-matched (AAP-31236)
* automation-controller has been updated to 4.5.13
Updates and fixes for receptor:
* Fixed an issue that caused a Receptor runtime panic error (AAP-36477)
* receptor has been updated to 1.5.1
Updates and fixes for installer and setup:
* Receptor data directory can now be configured using 'receptor_datadir' variable (AAP-36699)
* Fixed issue where metrics-utility command failed to run after updating Automation controller (AAP-36567)
* Fix issue where the dispatcher service went into FATAL status and failed to process new jobs after a database outage of a few minutes (AAP-36456)
* Fixed an issue that caused incorrect IDs for RBAC in the database following a backup restore (AAP-35311)
* With this update, installer tasks that include CA or key information are obfuscated (AAP-27480)
* installer and setup have been updated to 2.4-8
Note: The 2.4-8 installer can restore a backup created with 2.4-8 or later only. Ensure that you make a backup before and after the upgrade to 2.4-8 or later.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Ansible Automation Platform 2.4\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.\n\nSecurity Fix(es):\n* automation-controller: dompurify: XSS vulnerability via prototype pollution (CVE-2024-45801)\n* automation-controller: path-to-regexp: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging (CVE-2024-8775)\n* ansible-core: ansible-core user may read/write unauthorized content (CVE-2024-9902)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUpdates and fixes for automation controller:\n* Fix job schedules running at incorrect times when rrule interval was set to HOURLY or MINUTELY (AAP-36573)\n* Fixed an issue where sensitive data was displayed in the job output (AAP-35582)\n* With this update, you can now save a constructed inventory when verbosity is greater than 2 (AAP-35570)\n* Fix bug where unrelated jobs could be marked as a dependency of other jobs (AAP-35310)\n* Add support for receiving webhooks from Bitbucket Data Center, and add support for posting build statuses back (AAP-35013)\n* Notification List no longer errors when notifications have a missing or null organization field (AAP-34051)\n* Fixed an issue where Thycotic secret server credentials form fields were mis-matched (AAP-31236)\n* automation-controller has been updated to 4.5.13\n\nUpdates and fixes for receptor:\n* Fixed an issue that caused a Receptor runtime panic error (AAP-36477)\n* receptor has been updated to 1.5.1\n\nUpdates and fixes for installer and setup:\n* Receptor data directory can now be configured using \u0027receptor_datadir\u0027 variable (AAP-36699)\n* Fixed issue where metrics-utility command failed to run after updating Automation controller (AAP-36567)\n* Fix issue where the dispatcher service went into FATAL status and failed to process new jobs after a database outage of a few minutes (AAP-36456)\n* Fixed an issue that caused incorrect IDs for RBAC in the database following a backup restore (AAP-35311)\n* With this update, installer tasks that include CA or key information are obfuscated (AAP-27480)\n* installer and setup have been updated to 2.4-8\n\nNote: The 2.4-8 installer can restore a backup created with 2.4-8 or later only. Ensure that you make a backup before and after the upgrade to 2.4-8 or later.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:10762",
"url": "https://access.redhat.com/errata/RHSA-2024:10762"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2312119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312119"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "2318271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318271"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_10762.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update",
"tracking": {
"current_release_date": "2024-12-18T04:36:21+00:00",
"generator": {
"date": "2024-12-18T04:36:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:10762",
"initial_release_date": "2024-12-03T16:20:16+00:00",
"revision_history": [
{
"date": "2024-12-03T16:20:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-12-03T16:20:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:36:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product": {
"name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ansible Automation Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-core-1:2.15.13-1.el8ap.src",
"product": {
"name": "ansible-core-1:2.15.13-1.el8ap.src",
"product_id": "ansible-core-1:2.15.13-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-core@2.15.13-1.el8ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el8ap.src",
"product": {
"name": "automation-controller-0:4.5.13-1.el8ap.src",
"product_id": "automation-controller-0:4.5.13-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"product": {
"name": "ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"product_id": "ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-automation-platform-installer@2.4-8.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el8ap.src",
"product": {
"name": "receptor-0:1.5.1-1.el8ap.src",
"product_id": "receptor-0:1.5.1-1.el8ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el8ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-core-1:2.15.13-1.el9ap.src",
"product": {
"name": "ansible-core-1:2.15.13-1.el9ap.src",
"product_id": "ansible-core-1:2.15.13-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-core@2.15.13-1.el9ap?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el9ap.src",
"product": {
"name": "automation-controller-0:4.5.13-1.el9ap.src",
"product_id": "automation-controller-0:4.5.13-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"product": {
"name": "ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"product_id": "ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-automation-platform-installer@2.4-8.el9ap?arch=src"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el9ap.src",
"product": {
"name": "receptor-0:1.5.1-1.el9ap.src",
"product_id": "receptor-0:1.5.1-1.el9ap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el9ap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ansible-core-1:2.15.13-1.el8ap.noarch",
"product": {
"name": "ansible-core-1:2.15.13-1.el8ap.noarch",
"product_id": "ansible-core-1:2.15.13-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-core@2.15.13-1.el8ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ansible-test-1:2.15.13-1.el8ap.noarch",
"product": {
"name": "ansible-test-1:2.15.13-1.el8ap.noarch",
"product_id": "ansible-test-1:2.15.13-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-test@2.15.13-1.el8ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"product_id": "automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.13-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.13-1.el8ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.13-1.el8ap.noarch",
"product_id": "automation-controller-server-0:4.5.13-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.13-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"product_id": "automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.13-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"product": {
"name": "ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"product_id": "ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-automation-platform-installer@2.4-8.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "receptorctl-0:1.5.1-1.el8ap.noarch",
"product": {
"name": "receptorctl-0:1.5.1-1.el8ap.noarch",
"product_id": "receptorctl-0:1.5.1-1.el8ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptorctl@1.5.1-1.el8ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-core-1:2.15.13-1.el9ap.noarch",
"product": {
"name": "ansible-core-1:2.15.13-1.el9ap.noarch",
"product_id": "ansible-core-1:2.15.13-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-core@2.15.13-1.el9ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ansible-test-1:2.15.13-1.el9ap.noarch",
"product": {
"name": "ansible-test-1:2.15.13-1.el9ap.noarch",
"product_id": "ansible-test-1:2.15.13-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-test@2.15.13-1.el9ap?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"product": {
"name": "automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"product_id": "automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-cli@4.5.13-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-server-0:4.5.13-1.el9ap.noarch",
"product": {
"name": "automation-controller-server-0:4.5.13-1.el9ap.noarch",
"product_id": "automation-controller-server-0:4.5.13-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-server@4.5.13-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"product": {
"name": "automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"product_id": "automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-ui@4.5.13-1.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"product": {
"name": "ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"product_id": "ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-automation-platform-installer@2.4-8.el9ap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "receptorctl-0:1.5.1-1.el9ap.noarch",
"product": {
"name": "receptorctl-0:1.5.1-1.el9ap.noarch",
"product_id": "receptorctl-0:1.5.1-1.el9ap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptorctl@1.5.1-1.el9ap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el8ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.13-1.el8ap.x86_64",
"product_id": "automation-controller-0:4.5.13-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.13-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el8ap.x86_64",
"product": {
"name": "receptor-0:1.5.1-1.el8ap.x86_64",
"product_id": "receptor-0:1.5.1-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"product": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"product_id": "receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debugsource@1.5.1-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"product": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"product_id": "receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debuginfo@1.5.1-1.el8ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el9ap.x86_64",
"product": {
"name": "automation-controller-0:4.5.13-1.el9ap.x86_64",
"product_id": "automation-controller-0:4.5.13-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"product_id": "automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.13-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el9ap.x86_64",
"product": {
"name": "receptor-0:1.5.1-1.el9ap.x86_64",
"product_id": "receptor-0:1.5.1-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"product": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"product_id": "receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debugsource@1.5.1-1.el9ap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"product": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"product_id": "receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debuginfo@1.5.1-1.el9ap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.13-1.el8ap.ppc64le",
"product_id": "automation-controller-0:4.5.13-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.13-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el8ap.ppc64le",
"product": {
"name": "receptor-0:1.5.1-1.el8ap.ppc64le",
"product_id": "receptor-0:1.5.1-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"product": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"product_id": "receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debugsource@1.5.1-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"product": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"product_id": "receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debuginfo@1.5.1-1.el8ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-0:4.5.13-1.el9ap.ppc64le",
"product_id": "automation-controller-0:4.5.13-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"product": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"product_id": "automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.13-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el9ap.ppc64le",
"product": {
"name": "receptor-0:1.5.1-1.el9ap.ppc64le",
"product_id": "receptor-0:1.5.1-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"product": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"product_id": "receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debugsource@1.5.1-1.el9ap?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"product": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"product_id": "receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debuginfo@1.5.1-1.el9ap?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el8ap.s390x",
"product": {
"name": "automation-controller-0:4.5.13-1.el8ap.s390x",
"product_id": "automation-controller-0:4.5.13-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.13-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el8ap.s390x",
"product": {
"name": "receptor-0:1.5.1-1.el8ap.s390x",
"product_id": "receptor-0:1.5.1-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"product": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"product_id": "receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debugsource@1.5.1-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"product": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"product_id": "receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debuginfo@1.5.1-1.el8ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el9ap.s390x",
"product": {
"name": "automation-controller-0:4.5.13-1.el9ap.s390x",
"product_id": "automation-controller-0:4.5.13-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"product": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"product_id": "automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.13-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el9ap.s390x",
"product": {
"name": "receptor-0:1.5.1-1.el9ap.s390x",
"product_id": "receptor-0:1.5.1-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"product": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"product_id": "receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debugsource@1.5.1-1.el9ap?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"product": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"product_id": "receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debuginfo@1.5.1-1.el9ap?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el8ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.13-1.el8ap.aarch64",
"product_id": "automation-controller-0:4.5.13-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.13-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el8ap.aarch64",
"product": {
"name": "receptor-0:1.5.1-1.el8ap.aarch64",
"product_id": "receptor-0:1.5.1-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"product": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"product_id": "receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debugsource@1.5.1-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"product": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"product_id": "receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debuginfo@1.5.1-1.el8ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-0:4.5.13-1.el9ap.aarch64",
"product": {
"name": "automation-controller-0:4.5.13-1.el9ap.aarch64",
"product_id": "automation-controller-0:4.5.13-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller@4.5.13-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"product": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"product_id": "automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-controller-venv-tower@4.5.13-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "receptor-0:1.5.1-1.el9ap.aarch64",
"product": {
"name": "receptor-0:1.5.1-1.el9ap.aarch64",
"product_id": "receptor-0:1.5.1-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor@1.5.1-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"product": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"product_id": "receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debugsource@1.5.1-1.el9ap?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"product": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"product_id": "receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/receptor-debuginfo@1.5.1-1.el9ap?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch"
},
"product_reference": "ansible-core-1:2.15.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src"
},
"product_reference": "ansible-core-1:2.15.13-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.15.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch"
},
"product_reference": "ansible-test-1:2.15.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptorctl-0:1.5.1-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch"
},
"product_reference": "receptorctl-0:1.5.1-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch"
},
"product_reference": "ansible-core-1:2.15.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src"
},
"product_reference": "ansible-core-1:2.15.13-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.15.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch"
},
"product_reference": "ansible-test-1:2.15.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptorctl-0:1.5.1-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch"
},
"product_reference": "receptorctl-0:1.5.1-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-installer-0:2.4-8.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch"
},
"product_reference": "ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-installer-0:2.4-8.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src"
},
"product_reference": "ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch"
},
"product_reference": "ansible-core-1:2.15.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src"
},
"product_reference": "ansible-core-1:2.15.13-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.15.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch"
},
"product_reference": "ansible-test-1:2.15.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.13-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.13-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.src",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64"
},
"product_reference": "receptor-0:1.5.1-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el8ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptorctl-0:1.5.1-1.el8ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"product_id": "8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch"
},
"product_reference": "receptorctl-0:1.5.1-1.el8ap.noarch",
"relates_to_product_reference": "8Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch"
},
"product_reference": "ansible-core-1:2.15.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src"
},
"product_reference": "ansible-core-1:2.15.13-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.15.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch"
},
"product_reference": "ansible-test-1:2.15.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptorctl-0:1.5.1-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch"
},
"product_reference": "receptorctl-0:1.5.1-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Developer-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch"
},
"product_reference": "ansible-core-1:2.15.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src"
},
"product_reference": "ansible-core-1:2.15.13-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.15.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch"
},
"product_reference": "ansible-test-1:2.15.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptorctl-0:1.5.1-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch"
},
"product_reference": "receptorctl-0:1.5.1-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4-Inside-1.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-installer-0:2.4-8.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch"
},
"product_reference": "ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-automation-platform-installer-0:2.4-8.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src"
},
"product_reference": "ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch"
},
"product_reference": "ansible-core-1:2.15.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-core-1:2.15.13-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src"
},
"product_reference": "ansible-core-1:2.15.13-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-test-1:2.15.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch"
},
"product_reference": "ansible-test-1:2.15.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-0:4.5.13-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64"
},
"product_reference": "automation-controller-0:4.5.13-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-cli-0:4.5.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch"
},
"product_reference": "automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-server-0:4.5.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch"
},
"product_reference": "automation-controller-server-0:4.5.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-ui-0:4.5.13-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch"
},
"product_reference": "automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64"
},
"product_reference": "automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.src as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.src",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-0:1.5.1-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64"
},
"product_reference": "receptor-0:1.5.1-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debuginfo-0:1.5.1-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64"
},
"product_reference": "receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.aarch64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.ppc64le as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.s390x as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptor-debugsource-0:1.5.1-1.el9ap.x86_64 as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64"
},
"product_reference": "receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "receptorctl-0:1.5.1-1.el9ap.noarch as a component of Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"product_id": "9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
},
"product_reference": "receptorctl-0:1.5.1-1.el9ap.noarch",
"relates_to_product_reference": "9Base-Ansible-Automation-Platform-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8775",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2024-09-13T08:31:27.781000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312119"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is classified as moderate rather than important because while it does expose sensitive information during playbook execution, the exposure is limited to logs and output generated during the run, which is typically accessible only to authorized users with sufficient privileges. The flaw does not result in an immediate or direct compromise of systems, as no remote exploitation vector is introduced. Additionally, the risk can be mitigated through proper configuration (`no_log: true`) and access control measures, reducing the likelihood of unauthorized access to the logged data. However, the unintentional disclosure of secrets like passwords or API keys still presents a potential risk for privilege escalation or lateral movement within an environment, justifying a moderate severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8775"
},
{
"category": "external",
"summary": "RHBZ#2312119",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312119"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8775"
}
],
"release_date": "2024-09-13T08:35:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-03T16:20:16+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ansible-core: Exposure of Sensitive Information in Ansible Vault Files Due to Improper Logging"
},
{
"acknowledgments": [
{
"names": [
"Matt Clay"
]
}
],
"cve": "CVE-2024-9902",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2024-10-12T02:41:32.581000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318271"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user\u0027s home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ansible-core: Ansible-core user may read/write unauthorized content",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-9902"
},
{
"category": "external",
"summary": "RHBZ#2318271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-9902",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9902"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-9902",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-9902"
}
],
"release_date": "2024-11-06T06:11:25.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-03T16:20:16+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10762"
},
{
"category": "workaround",
"details": "In the play that uses the user module with the key generation option,\nhave a prior task ensuring the public key does not exist for example:\n\n- name: avoid user exploit (change name depending on other options\nused in user task)\nfile: path=/home/{{username}}/.ssh/id_rsa.pub state=absent",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ansible-core: Ansible-core user may read/write unauthorized content"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-03T16:20:16+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64"
],
"known_not_affected": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-12-03T16:20:16+00:00",
"details": "Red Hat Ansible Automation Platform",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:10762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el8ap.noarch",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.src",
"8Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.aarch64",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.ppc64le",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.s390x",
"8Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el8ap.x86_64",
"8Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el8ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Developer-1.1:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4-Inside-1.2:receptorctl-0:1.5.1-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-automation-platform-installer-0:2.4-8.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:ansible-core-1:2.15.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:ansible-test-1:2.15.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-cli-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-server-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-ui-0:4.5.13-1.el9ap.noarch",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:automation-controller-venv-tower-0:4.5.13-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.src",
"9Base-Ansible-Automation-Platform-2.4:receptor-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debuginfo-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.aarch64",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.ppc64le",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.s390x",
"9Base-Ansible-Automation-Platform-2.4:receptor-debugsource-0:1.5.1-1.el9ap.x86_64",
"9Base-Ansible-Automation-Platform-2.4:receptorctl-0:1.5.1-1.el9ap.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
ghsa-mmhx-hmjr-r674
Vulnerability from github
Published
2024-09-16 20:34
Modified
2024-09-16 22:37
Severity ?
7.0 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L
8.3 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
8.3 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N
Summary
DOMPurify allows tampering by prototype pollution
Details
It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the depth check.
This renders dompurify unable to avoid XSS attack.
Fixed by https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21 (3.x branch) and https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc (2.x branch).
{
"affected": [
{
"package": {
"ecosystem": "npm",
"name": "dompurify"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "npm",
"name": "dompurify"
},
"ranges": [
{
"events": [
{
"introduced": "3.0.0"
},
{
"fixed": "3.1.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2024-45801"
],
"database_specific": {
"cwe_ids": [
"CWE-1321",
"CWE-1333"
],
"github_reviewed": true,
"github_reviewed_at": "2024-09-16T20:34:26Z",
"nvd_published_at": "2024-09-16T19:16:11Z",
"severity": "HIGH"
},
"details": "It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the depth check.\n\nThis renders dompurify unable to avoid XSS attack.\n\nFixed by https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21 (3.x branch) and https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc (2.x branch).",
"id": "GHSA-mmhx-hmjr-r674",
"modified": "2024-09-16T22:37:33Z",
"published": "2024-09-16T20:34:26Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"type": "WEB",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"type": "WEB",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"type": "PACKAGE",
"url": "https://github.com/cure53/DOMPurify"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "DOMPurify allows tampering by prototype pollution"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.