Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2025-22868
Vulnerability from cvelistv5
Published
2025-02-26 03:07
Modified
2025-02-26 14:46
Severity ?
EPSS score ?
Summary
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| golang.org/x/oauth2 | golang.org/x/oauth2/jws |
Version: 0 ≤ |
{ containers: { adp: [ { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2025-22868", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-02-26T14:45:27.246610Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-1286", description: "CWE-1286 Improper Validation of Syntactic Correctness of Input", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-26T14:46:20.671Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { collectionURL: "https://pkg.go.dev", defaultStatus: "unaffected", packageName: "golang.org/x/oauth2/jws", product: "golang.org/x/oauth2/jws", programRoutines: [ { name: "Verify", }, ], vendor: "golang.org/x/oauth2", versions: [ { lessThan: "0.27.0", status: "affected", version: "0", versionType: "semver", }, ], }, ], credits: [ { lang: "en", value: "jub0bs", }, ], descriptions: [ { lang: "en", value: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-1286: Improper Validation of Syntactic Correctness of Input", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2025-02-26T03:07:49.012Z", orgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", shortName: "Go", }, references: [ { url: "https://go.dev/cl/652155", }, { url: "https://go.dev/issue/71490", }, { url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], title: "Unexpected memory consumption during token parsing in golang.org/x/oauth2", }, }, cveMetadata: { assignerOrgId: "1bb62c36-49e3-4200-9d77-64a1400537cc", assignerShortName: "Go", cveId: "CVE-2025-22868", datePublished: "2025-02-26T03:07:49.012Z", dateReserved: "2025-01-08T19:11:42.834Z", dateUpdated: "2025-02-26T14:46:20.671Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2025-22868\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-02-26T08:14:24.897\",\"lastModified\":\"2025-02-26T15:15:24.993\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1286\"}]}],\"references\":[{\"url\":\"https://go.dev/cl/652155\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/71490\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-3488\",\"source\":\"security@golang.org\"}]}}", vulnrichment: { containers: "{\"cna\": {\"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-02-26T03:07:49.012Z\"}, \"title\": \"Unexpected memory consumption during token parsing in golang.org/x/oauth2\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.\"}], \"affected\": [{\"vendor\": \"golang.org/x/oauth2\", \"product\": \"golang.org/x/oauth2/jws\", \"collectionURL\": \"https://pkg.go.dev\", \"packageName\": \"golang.org/x/oauth2/jws\", \"versions\": [{\"version\": \"0\", \"lessThan\": \"0.27.0\", \"status\": \"affected\", \"versionType\": \"semver\"}], \"programRoutines\": [{\"name\": \"Verify\"}], \"defaultStatus\": \"unaffected\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-1286: Improper Validation of Syntactic Correctness of Input\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/652155\"}, {\"url\": \"https://go.dev/issue/71490\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-3488\"}], \"credits\": [{\"lang\": \"en\", \"value\": \"jub0bs\"}]}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-22868\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-26T14:45:27.246610Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1286\", \"description\": \"CWE-1286 Improper Validation of Syntactic Correctness of Input\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-26T14:45:55.061Z\"}}]}", cveMetadata: "{\"cveId\": \"CVE-2025-22868\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"Go\", \"dateReserved\": \"2025-01-08T19:11:42.834Z\", \"datePublished\": \"2025-02-26T03:07:49.012Z\", \"dateUpdated\": \"2025-02-26T14:46:20.671Z\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
rhsa-2025:3172
Vulnerability from csaf_redhat
Published
2025-03-25 19:58
Modified
2025-04-04 19:07
Summary
Red Hat Security Advisory: VolSync 0.12.1 security fixes and enhancements for RHEL 9
Notes
Topic
VolSync v0.12 general availability release images, which provide
enhancements, security fixes, and updated container images.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE links in the References section.
Details
VolSync v0.12.1 is a Kubernetes operator that enables asynchronous
replication of persistent volumes within a cluster, or across clusters. After
deploying the VolSync operator, it can create and maintain copies of your
persistent data.
For more information about VolSync, see:
https://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync
or the VolSync open source community website at:
https://volsync.readthedocs.io/en/stable/
This advisory contains enhancements and updates to the VolSync
container images.
Security fix(es):
* golang.org/x/oauth2: Unexpected memory consumption during token parsing in
golang.org/x/oauth2 (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of
golang.org/x/crypto/ssh (CVE-2025-22869)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "VolSync v0.12 general availability release images, which provide\nenhancements, security fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE links in the References section.", title: "Topic", }, { category: "general", text: "VolSync v0.12.1 is a Kubernetes operator that enables asynchronous\nreplication of persistent volumes within a cluster, or across clusters. After\ndeploying the VolSync operator, it can create and maintain copies of your\npersistent data.\n\nFor more information about VolSync, see:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync\n\nor the VolSync open source community website at:\nhttps://volsync.readthedocs.io/en/stable/\n\nThis advisory contains enhancements and updates to the VolSync\ncontainer images.\n\nSecurity fix(es):\n\n* golang.org/x/oauth2: Unexpected memory consumption during token parsing in\ngolang.org/x/oauth2 (CVE-2025-22868)\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of\ngolang.org/x/crypto/ssh (CVE-2025-22869)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3172", url: "https://access.redhat.com/errata/RHSA-2025:3172", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "2348367", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348367", }, { category: "external", summary: "ACM-19030", url: "https://issues.redhat.com/browse/ACM-19030", }, { category: "external", summary: "HYPBLD-617", url: "https://issues.redhat.com/browse/HYPBLD-617", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3172.json", }, ], title: "Red Hat Security Advisory: VolSync 0.12.1 security fixes and enhancements for RHEL 9", tracking: { current_release_date: "2025-04-04T19:07:06+00:00", generator: { date: "2025-04-04T19:07:06+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3172", initial_release_date: "2025-03-25T19:58:29+00:00", revision_history: [ { date: "2025-03-25T19:58:29+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-25T19:58:29+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-04T19:07:06+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", product: { name: "Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", product_id: "9Base-RHACM-2.13", product_identification_helper: { cpe: "cpe:/a:redhat:acm:2.13::el9", }, }, }, ], category: "product_family", name: "Red Hat ACM", }, { branches: [ { category: "product_version", name: "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", product: { name: "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", product_id: "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", product_identification_helper: { purl: "pkg:oci/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110?arch=amd64&repository_url=registry.redhat.io/rhacm2/volsync-rhel9&tag=v0.12.1-2", }, }, }, { category: "product_version", name: "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", product: { name: "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", product_id: "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", product_identification_helper: { purl: "pkg:oci/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515?arch=amd64&repository_url=registry.redhat.io/rhacm2/volsync-operator-bundle&tag=v0.12.1-2", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", product: { name: "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", product_id: "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", product_identification_helper: { purl: "pkg:oci/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72?arch=arm64&repository_url=registry.redhat.io/rhacm2/volsync-rhel9&tag=v0.12.1-2", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", product: { name: "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", product_id: "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", product_identification_helper: { purl: "pkg:oci/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283?arch=ppc64le&repository_url=registry.redhat.io/rhacm2/volsync-rhel9&tag=v0.12.1-2", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", product: { name: "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", product_id: "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", product_identification_helper: { purl: "pkg:oci/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13?arch=s390x&repository_url=registry.redhat.io/rhacm2/volsync-rhel9&tag=v0.12.1-2", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", product_id: "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", }, product_reference: "rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", relates_to_product_reference: "9Base-RHACM-2.13", }, { category: "default_component_of", full_product_name: { name: "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", product_id: "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", }, product_reference: "rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", relates_to_product_reference: "9Base-RHACM-2.13", }, { category: "default_component_of", full_product_name: { name: "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", product_id: "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", }, product_reference: "rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", relates_to_product_reference: "9Base-RHACM-2.13", }, { category: "default_component_of", full_product_name: { name: "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", product_id: "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", }, product_reference: "rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", relates_to_product_reference: "9Base-RHACM-2.13", }, { category: "default_component_of", full_product_name: { name: "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.13 for RHEL 9", product_id: "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", }, product_reference: "rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", relates_to_product_reference: "9Base-RHACM-2.13", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-25T19:58:29+00:00", details: "For more details, see the Red Hat Advanced Cluster Management for Kubernetes\ndocumentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync", product_ids: [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3172", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-22869", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-02-26T04:00:47.683125+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348367", }, ], notes: [ { category: "description", text: "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", title: "Vulnerability summary", }, { category: "other", text: "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22869", }, { category: "external", summary: "RHBZ#2348367", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348367", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22869", url: "https://www.cve.org/CVERecord?id=CVE-2025-22869", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", }, { category: "external", summary: "https://go.dev/cl/652135", url: "https://go.dev/cl/652135", }, { category: "external", summary: "https://go.dev/issue/71931", url: "https://go.dev/issue/71931", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3487", url: "https://pkg.go.dev/vuln/GO-2025-3487", }, ], release_date: "2025-02-26T03:07:48.855000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-25T19:58:29+00:00", details: "For more details, see the Red Hat Advanced Cluster Management for Kubernetes\ndocumentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.12/html/business_continuity/business-cont-overview#volsync", product_ids: [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3172", }, { category: "workaround", details: "This flaw can be mitigated when using the client only connecting to trusted servers.", product_ids: [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-RHACM-2.13:rhacm2/volsync-operator-bundle@sha256:472aeeb4b0c06a3676d4e509de1648c88ef640490817e0ea2af8c9ee39660515_amd64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:66a98747656507d0b1dd379c8347ae2a738848998cec182716009d0a62a01b72_arm64", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:7208a20dea4ee2c543dd6719493000fcc4b5a00d52a3d076decfee0d00c01c13_s390x", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:a6d4413161a9a15d7dafee13f132d1d6ebb5fc82d32876b8bbe055733d12a283_ppc64le", "9Base-RHACM-2.13:rhacm2/volsync-rhel9@sha256:ab0e5a22a273e298802437e3b4d083c8cfc55da6c23a43d7c840b740248bf110_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", }, ], }
rhsa-2025:3437
Vulnerability from csaf_redhat
Published
2025-04-01 04:50
Modified
2025-04-04 19:07
Summary
Red Hat Security Advisory: ACS 4.5 enhancement and security update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS).
Details
This release of RHACS 4.5 includes the following bug fix:
Fixed a bug in which Scanner V4 would perform TLS validation even for integrations that have TLS validation disabled.
This release also addresses the following security vulnerabilities:
CVE-2025-22868
CVE-2025-22869
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images are now available for Red Hat Advanced Cluster Security (RHACS).", title: "Topic", }, { category: "general", text: "This release of RHACS 4.5 includes the following bug fix:\n\nFixed a bug in which Scanner V4 would perform TLS validation even for integrations that have TLS validation disabled.\n\nThis release also addresses the following security vulnerabilities:\n\nCVE-2025-22868\nCVE-2025-22869", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3437", url: "https://access.redhat.com/errata/RHSA-2025:3437", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/release_notes/release-notes-45", url: "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/release_notes/release-notes-45", }, { category: "external", summary: "ROX-28601", url: "https://issues.redhat.com/browse/ROX-28601", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3437.json", }, ], title: "Red Hat Security Advisory: ACS 4.5 enhancement and security update", tracking: { current_release_date: "2025-04-04T19:07:50+00:00", generator: { date: "2025-04-04T19:07:50+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3437", initial_release_date: "2025-04-01T04:50:24+00:00", revision_history: [ { date: "2025-04-01T04:50:24+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-01T04:50:24+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-04T19:07:50+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHACS 4.5 for RHEL 8", product: { name: "RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5", product_identification_helper: { cpe: "cpe:/a:redhat:advanced_cluster_security:4.5::el8", }, }, }, ], category: "product_family", name: "Red Hat Advanced Cluster Security for Kubernetes", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.5.8-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.5.8-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.5.8-5", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.5.8-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.5.8-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.5.8-3", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.5.8-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.5.8-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.5.8-5", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.5.8-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.5.8-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.5.8-3", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.5.8-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.5.8-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.5.8-5", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.5.8-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.5.8-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.5.8-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.5.8-3", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T04:50:24+00:00", details: "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to patch release 4.5.8.", product_ids: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3437", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-22869", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-02-26T04:00:47.683125+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348367", }, ], notes: [ { category: "description", text: "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", title: "Vulnerability summary", }, { category: "other", text: "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22869", }, { category: "external", summary: "RHBZ#2348367", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348367", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22869", url: "https://www.cve.org/CVERecord?id=CVE-2025-22869", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", }, { category: "external", summary: "https://go.dev/cl/652135", url: "https://go.dev/cl/652135", }, { category: "external", summary: "https://go.dev/issue/71931", url: "https://go.dev/issue/71931", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3487", url: "https://pkg.go.dev/vuln/GO-2025-3487", }, ], release_date: "2025-02-26T03:07:48.855000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T04:50:24+00:00", details: "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to patch release 4.5.8.", product_ids: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3437", }, { category: "workaround", details: "This flaw can be mitigated when using the client only connecting to trusted servers.", product_ids: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:252d56db8da16f6b018c29bc088584579b9dc8c773557626e39c2c21f4a33ef7_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:2cafb5fa71ab6b8c99e675342e151a241bc6e74b1778ce529a4ebfae3e3ca620_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:78f020fa2e2b41a121338a6804b187f577d6dd3cc52acd4a8175b891044b87dc_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:311783c59fdc94d10b6713a718b29c49f685feffe8f586db3adcb347acf8c1fa_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:c580b5d8d9dd666772d2a89c6b8cabe302a061a39de04a33cf021c37530d9f34_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dd9409a53b97d766675129ba0b54e6b4a091265a02c0e373cb37f98339e5716c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:017bf023a9935fa8a8a4470155d8d562e9977ab5ce0066d9125729b071de0ad4_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:88e0c7d9ab59e26d2d4202eec5955adfa22a08d2fd1ed2de3101071e157a2ce1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:d1bb55ff658ad2f3ab2c43bf39393063ccf78ed1c262ff947a807a0e4093497e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:260352973d0bc11ef9b18594eaa165a1cff1239dd83cabcfc37dcece4631903c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:6b1668188be2bdff894f3e268a99df669186568153c5bc0fd4b57d5ba730c037_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:a9810799bff68bda8d43f8645dd7374bb127e7d7a722cf1193effd853edb310c_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1e4c21f9a8098205cfd520627dcfdfca84c40c66e93698398a350647dc5fa1a1_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:3803b1fedd70aa3364cd4a6d933caedfae10eeb61d16f6cb4afabed5bca2c70c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:e890f117226469643fd93d0f5cce6800342e442d2955b7f59a5c845ee902ba8e_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:5d6eb145736545f4c8566e75edb2d40a0e65499ba189bd160c759291d5bfa235_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c5bb7e387bc0775925c174ba132089c0d986a9edc8df64702b35f2732b317f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:94ab1d45684e1942b3e273cfbbade6fe1ad48082afe538f6152b59f9781df2a0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:67729231ca71fd33bd4a967a78a27c0f8f69623f37c1e39116c273eb5915334d_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:750f49ab5ce499be086b27a38ec2495c3cc0685ce27c93c3992d6404559c0789_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:c1ae51c87629f4892e3b4586f0059f32b8569851f06f59f726e1c5f9a65f9e95_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:a454ad4ef2c41ca76af2c589c26de07c1796b81460c1168815b06e5eaec24b24_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:aefe066ba785518b314c1647c6223eab231a7d451f93a9b4cafa85cff705851f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c2af0e9bcfc1545c87faa1656058e6982eb0ad33ce49988d6201e5923e24b146_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:1b408c2f94bdabe114dad06e8474413ed217601de004e505c4a18d4bb2f80d89_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:75825dd53baed3230fa15c3e3bc8b4153d43f6e3a3d1eaf7432ee8832df646ba_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c39088995863e2ef3bfbcfeb43659f3ebf348f4aab9e4a67b0ed19cc06c5627a_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:0c69bf7a9039a1d343ba1940fcbe6e66f6dfa46d2b78e6ac70892cd847a4fc55_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:322ae4f2f75b8c66b9ec161580499a78edf3a7916742f534dd72ac73fa191cbd_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e7205874eada2be89406906bd2c159e96195690a6e3575468814b0b76d9c7c5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:66033dea44b4cdec9bd2206e6fade9ad93d739eec04d995274cdaa869d52df7b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:e0f2e8695a7d40cede88f421ba53efa6758cd305d3d73fec4c5183e897ec2add_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f5f15a5ec355f883d1cb489f3ab88ad44395cbc714b6063a03792216130a3eb1_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:22bd3dc2da5c705136597c161e94bfc0aa62e4f3522a026d302d72db60045a78_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5b0b04f342363bdd535d51ba95c2aca6d0aaff3640a29dbdf108ad235b06421b_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b6ab33b217c0e90742d732ab939f1e5f54526d9b44e917300ef5701f2af73fc5_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:0b478464b036ee6bb27a55378f2ec1216d9eab088cffcffa820fd3ba0bec0f6f_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8070bc31a4c769780dc4d1ff6080d9abdfbc7a899b9ff38ed29ea0b4b60c0360_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:b025a3169c9707673a055f79f65348f803f1def03b48c5edfb170fe9dfb54c49_s390x", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", }, ], }
rhsa-2025:3439
Vulnerability from csaf_redhat
Published
2025-04-01 04:55
Modified
2025-04-07 11:35
Summary
Red Hat Security Advisory: ACS 4.6 enhancement and security update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security for
Kubernetes (RHACS). The updated image includes security and bug fixes.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
This release of RHACS 4.6.4 includes security and bug fixes. If you are
using an earlier version of RHACS 4.6, you are advised to upgrade to this
patch release 4.6.4.
Bugs fixed:
* Fixed an issue where Scanner V4 performed TLS validation even for integrations where TLS validation was disabled.
* Fixed an issue that prevented the "Container CPU Limit" field from being added to security policy rules.
* Fixed an issue where the Network Policies tab in the network graph detail view would hang in the PatternFly Code editor due to a potential issue with the Monaco-based text editor.
Security issues fixed:
* CVE-2025-27144: Flaw in Go JOSE versions prior to 4.0.5.
* CVE-2025-22868: Flaw in Golang in the token parsing component.
* CVE-2025-22869: Flaw in golang.org/x/crypto Secure Shell (SSH) file transfer implementation.
For more details about the security issue(s), including the impact, a CVSS
score, and other related information, refer to the CVE page(s) listed in
the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images are now available for Red Hat Advanced Cluster Security for\nKubernetes (RHACS). The updated image includes security and bug fixes.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "This release of RHACS 4.6.4 includes security and bug fixes. If you are\nusing an earlier version of RHACS 4.6, you are advised to upgrade to this\npatch release 4.6.4.\n\nBugs fixed:\n\n* Fixed an issue where Scanner V4 performed TLS validation even for integrations where TLS validation was disabled.\n\n* Fixed an issue that prevented the \"Container CPU Limit\" field from being added to security policy rules.\n\n* Fixed an issue where the Network Policies tab in the network graph detail view would hang in the PatternFly Code editor due to a potential issue with the Monaco-based text editor.\n\nSecurity issues fixed:\n\n* CVE-2025-27144: Flaw in Go JOSE versions prior to 4.0.5.\n\n* CVE-2025-22868: Flaw in Golang in the token parsing component.\n\n* CVE-2025-22869: Flaw in golang.org/x/crypto Secure Shell (SSH) file transfer implementation.\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, refer to the CVE page(s) listed in\nthe References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3439", url: "https://access.redhat.com/errata/RHSA-2025:3439", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.6/html-single/release_notes/index", url: "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.6/html-single/release_notes/index", }, { category: "external", summary: "ROX-28602", url: "https://issues.redhat.com/browse/ROX-28602", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3439.json", }, ], title: "Red Hat Security Advisory: ACS 4.6 enhancement and security update", tracking: { current_release_date: "2025-04-07T11:35:10+00:00", generator: { date: "2025-04-07T11:35:10+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3439", initial_release_date: "2025-04-01T04:55:49+00:00", revision_history: [ { date: "2025-04-01T04:55:49+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-01T04:55:49+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-07T11:35:10+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHACS 4.6 for RHEL 8", product: { name: "RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6", product_identification_helper: { cpe: "cpe:/a:redhat:advanced_cluster_security:4.6::el8", }, }, }, ], category: "product_family", name: "Red Hat Advanced Cluster Security for Kubernetes", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.6.4-7", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.6.4-7", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.6.4-6", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.6.4-4", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.6.4-7", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.6.4-7", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.6.4-6", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.6.4-4", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.6.4-7", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.6.4-7", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.6.4-6", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a?arch=arm64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.6.4-4", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.6.4-7", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.6.4-7", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.6.4-3", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.6.4-4", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.6.4-6", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.6.4-4", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", relates_to_product_reference: "8Base-RHACS-4.6", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64 as a component of RHACS 4.6 for RHEL 8", product_id: "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", relates_to_product_reference: "8Base-RHACS-4.6", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T04:55:49+00:00", details: "If you are using an earlier version of RHACS 4.6, you are advised to upgrade to this patch release 4.6.4.", product_ids: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3439", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-22869", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-02-26T04:00:47.683125+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348367", }, ], notes: [ { category: "description", text: "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", title: "Vulnerability summary", }, { category: "other", text: "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22869", }, { category: "external", summary: "RHBZ#2348367", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348367", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22869", url: "https://www.cve.org/CVERecord?id=CVE-2025-22869", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", }, { category: "external", summary: "https://go.dev/cl/652135", url: "https://go.dev/cl/652135", }, { category: "external", summary: "https://go.dev/issue/71931", url: "https://go.dev/issue/71931", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3487", url: "https://pkg.go.dev/vuln/GO-2025-3487", }, ], release_date: "2025-02-26T03:07:48.855000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T04:55:49+00:00", details: "If you are using an earlier version of RHACS 4.6, you are advised to upgrade to this patch release 4.6.4.", product_ids: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3439", }, { category: "workaround", details: "This flaw can be mitigated when using the client only connecting to trusted servers.", product_ids: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", }, { cve: "CVE-2025-27144", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-02-24T23:00:42.448432+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2347423", }, ], notes: [ { category: "description", text: "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", title: "Vulnerability description", }, { category: "summary", text: "go-jose: Go JOSE's Parsing Vulnerable to Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-27144", }, { category: "external", summary: "RHBZ#2347423", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2347423", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-27144", url: "https://www.cve.org/CVERecord?id=CVE-2025-27144", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-27144", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-27144", }, { category: "external", summary: "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22", url: "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22", }, { category: "external", summary: "https://github.com/go-jose/go-jose/releases/tag/v4.0.5", url: "https://github.com/go-jose/go-jose/releases/tag/v4.0.5", }, { category: "external", summary: "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78", url: "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78", }, ], release_date: "2025-02-24T22:22:22.863000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T04:55:49+00:00", details: "If you are using an earlier version of RHACS 4.6, you are advised to upgrade to this patch release 4.6.4.", product_ids: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3439", }, { category: "workaround", details: "As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", product_ids: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:07cdcae0389c8aec32e1e4393b6e3c57acdf894926f43a94b73fb9119210b18a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:23179933e936025ed4af7c0ce0e6ba503f032b2d66c4e3a0343fc387270050a8_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:3f7453c244e17e1763cd00bb893dd48153b9f52c639fbe392330f32a8c683b08_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-central-db-rhel8@sha256:e7de910ce1ee2b66e373b5ae1228cbdf9f960b6ee4f9646d6538d6deafceed93_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:12ea9f4bd78ef018b57bcf0e8e0dbb7800753a268719a32297c61db116ab887a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:2a54010edca166d59b5a8e0054661c5cbdfd202ff7b2dc8dae3f48e3aa8cdb2c_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:7380fe034ac369d2784544bc102ab0d1992ddd7c34acd820ed90e52c969e68af_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-rhel8@sha256:a022adf62c00842eb3e2e28859f68f5e965e5cfbb5c45101271b520db6f345a7_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:2ed2a473fc2900cc2ff0b407c3d12ee959387a44ddfe4419c21b16f3e064526a_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6bc7e17ca2f06dee7a9f067a5515df7faed97a19dc3fbee34ec26a2e06d5a27b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:c9d8e97e70e495f4d268d8d846eed320bae4d94081a42cfdd5503de1fee08ef0_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:fb2da8396ba4c046e963b5c49611a154c3cd47b98701a909a7588631b3ca95c0_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:194d127f452884cfaac6b64b81b71111a2cb19483fef74a94659b3b647acec29_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:a1bbcf94392f867e55b97a8b6c9338280abd4324031628ccaa6808c329d1f51b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:d37a7edd81aadda3ea995e00273a2fb62fd97d02b7b1d94cafc4f1a4a217af8a_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-main-rhel8@sha256:df6202877fdb10926513cd01a1c596265828120300f5ab72430b535c974976e5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:2ac0811576648d839422548b1587bdf74a0bcc51202cb5312203b6d3632c4d89_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:40422d266354c240237d66bb621660ed235af7c8620de8432912854cc11c084b_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:5e0211a77a3fc5027fb005c76d549a1c4792a77b6b198f328a4d13e00d563f94_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-operator-bundle@sha256:7b49c3de7ae7ce5c5209276f9af6845d0a8e23850f22bad4b49d7b614377994e_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:6f16d3cee631fe48c46bd37df4d9936a8ad70d4d00a3d3b1405b7b699345e9fe_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:74c62d91c0973098a5fcc15d465b880a64cfb48cd85ec1cd871d80ba645505fb_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:8209c920bec930fe40492ce755d8c375e6287b9995a4323ed0e9d6723c4ba41b_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-rhel8-operator@sha256:aa5e8e1118f698170bffa160ced0f418f82c94988c500e9a07e78a0ecfa2797e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:1e41318689a86d45078bcf75a8bb5e888b15af8c3deb1cf4c09b4eacc402af22_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:606aee67225f49de8d3796aceb1a42b4452ffb0c1a45f71abd059d71b6718216_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:a98bca77e171a8b616f48ae15a5e8bce5e31d46bc4dfb7fa2f2337eb52bc0ead_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:f77f9bc05fed74f148654aa7204eed4f9b0640ab766f7b11c1e3c3bb0a62d457_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4f75ac9200117e6f8fcbd2cab92627cead25812e0f7634b6829b6b3fe11564ef_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:91f9804061df02bb30d1f11ba0a04f03831e359dc84c0a9a6261fd96c95b69bd_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e55ddc6ef87066c2e585b38c17511d291f49d65e04a6636d63394ff78035fd5c_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ea2fc256a76268a64233c67253745f9b4a51de568ac69f5a399d2a9725b52ede_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:682a900b076f6c1b0a0e3ecf6a2b07df1b5f56857f9211c8ab3a7c62611671a2_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:8d471cf249d72408fe698e720ce231130de2c666ddcec3634ce93e588f613b47_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a8a282d5e22947bcc09e3c124b000d9ad5dc66b772cca74d746299383e4e92d1_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:aa4ab88c354fbc6894e5b02869b3451e950ae9132fb3412bfeef55a790b9b15b_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:332e4b9b3f71496b7d3c242a33970969027666d4337328495435bc9206fa9106_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5e73abd21a74eb2ac262316130c17e219b8652f31b2770062412398b603ebd7e_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:af14ddfc7ae21973776a6ddd31f9ac33c24058ccce7af88092132cdc9dcaf494_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-rhel8@sha256:bba057fa8cea9e12409e247093dbe96cec9f0efada2eed47aec519a951d7e1a7_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:baec4dda158cc434cf49851d48f64952e1e2ce8e7e0d97f40645f81d6d82acb7_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c5a1b95aadf516f42c11b306168e3682540d7282610bec2eefe97178fc2f5540_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c8f4aff54a4d521ab583e9f6ab16184d70f523127d6329d87ceec853eb272ccb_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:ef50596bff98198769d80974fb00975ac77f565df11591d949e1fba4b1ce80d8_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:05ca198378303347eda14e416878e3326e78a320a592ed53ec1a1f98d9d3659e_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:6cfbae6c8cfe46477888d7f917de78934daf1aa529a515a6b6c482ae4ab2e8f5_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:9142cb7b25535a6f72c850069aa4abaeac7d4d1296a0e89ab440b21139fda372_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:ab625a2c2c03af048451011aee53f3b229ae223f2deede65efa3de30b8a37d2a_arm64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:72dc072f0d64838e91aabbcd7ea0d85c1aaf79196cb6f45fcddb2ae42ef132a6_s390x", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8add4b97bf90d0edbdad6c2e55660a74943129fc621f1a52dae5cec4c308009b_ppc64le", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:a0269bbd9ea17b0fdfc421d5c0158f712b2fa36670949bc95ccd05a45effb054_amd64", "8Base-RHACS-4.6:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:f81a7122296ebedf8212971fa8175477af5382b35cb95109ebeb63ac203b23a0_arm64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go-jose: Go JOSE's Parsing Vulnerable to Denial of Service", }, ], }
rhsa-2025:3335
Vulnerability from csaf_redhat
Published
2025-03-27 15:00
Modified
2025-04-07 23:02
Summary
Red Hat Security Advisory: opentelemetry-collector security update
Notes
Topic
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Collector with the supported components for a Red Hat build of OpenTelemetry
Security Fix(es):
* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
* go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)
* github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Collector with the supported components for a Red Hat build of OpenTelemetry\n\nSecurity Fix(es):\n\n* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)\n\n* go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)\n\n* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)\n\n* github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3335", url: "https://access.redhat.com/errata/RHSA-2025:3335", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2341751", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2341751", }, { category: "external", summary: "2347423", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2347423", }, { category: "external", summary: "2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "2352914", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2352914", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3335.json", }, ], title: "Red Hat Security Advisory: opentelemetry-collector security update", tracking: { current_release_date: "2025-04-07T23:02:40+00:00", generator: { date: "2025-04-07T23:02:40+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3335", initial_release_date: "2025-03-27T15:00:22+00:00", revision_history: [ { date: "2025-03-27T15:00:22+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-27T15:00:22+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-07T23:02:40+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 9)", product: { name: "Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:9::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-8.el9_5.src", product: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.src", product_id: "opentelemetry-collector-0:0.107.0-8.el9_5.src", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", product: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", product_id: "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", product: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", product_id: "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", product: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", product_id: "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-8.el9_5.s390x", product: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.s390x", product_id: "opentelemetry-collector-0:0.107.0-8.el9_5.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-8.el9_5?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", }, product_reference: "opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", }, product_reference: "opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", }, product_reference: "opentelemetry-collector-0:0.107.0-8.el9_5.s390x", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", }, product_reference: "opentelemetry-collector-0:0.107.0-8.el9_5.src", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)", product_id: "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", }, product_reference: "opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", relates_to_product_reference: "AppStream-9.5.0.Z.MAIN", }, ], }, vulnerabilities: [ { cve: "CVE-2024-45336", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2025-01-23T12:57:38.123000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2341751", }, ], notes: [ { category: "description", text: "A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.", title: "Vulnerability description", }, { category: "summary", text: "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45336", }, { category: "external", summary: "RHBZ#2341751", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2341751", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45336", url: "https://www.cve.org/CVERecord?id=CVE-2024-45336", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45336", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45336", }, ], release_date: "2025-01-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T15:00:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3335", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect", }, { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T15:00:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3335", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-27144", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-02-24T23:00:42.448432+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2347423", }, ], notes: [ { category: "description", text: "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", title: "Vulnerability description", }, { category: "summary", text: "go-jose: Go JOSE's Parsing Vulnerable to Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-27144", }, { category: "external", summary: "RHBZ#2347423", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2347423", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-27144", url: "https://www.cve.org/CVERecord?id=CVE-2025-27144", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-27144", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-27144", }, { category: "external", summary: "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22", url: "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22", }, { category: "external", summary: "https://github.com/go-jose/go-jose/releases/tag/v4.0.5", url: "https://github.com/go-jose/go-jose/releases/tag/v4.0.5", }, { category: "external", summary: "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78", url: "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78", }, ], release_date: "2025-02-24T22:22:22.863000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T15:00:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3335", }, { category: "workaround", details: "As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", product_ids: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go-jose: Go JOSE's Parsing Vulnerable to Denial of Service", }, { cve: "CVE-2025-29786", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-03-17T14:00:59.078419+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2352914", }, ], notes: [ { category: "description", text: "A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory (OOM) crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree (AST), consuming excessive memory.", title: "Vulnerability description", }, { category: "summary", text: "github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-29786", }, { category: "external", summary: "RHBZ#2352914", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2352914", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-29786", url: "https://www.cve.org/CVERecord?id=CVE-2025-29786", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-29786", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-29786", }, { category: "external", summary: "https://github.com/expr-lang/expr/pull/762", url: "https://github.com/expr-lang/expr/pull/762", }, { category: "external", summary: "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2", url: "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2", }, ], release_date: "2025-03-17T13:15:32.836000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-27T15:00:22+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3335", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to impose an input size restriction before parsing (i.e. validating or limiting the length of expression strings that the application will accept). Ensuring no unbounded-length expressions are fed into the parser will prevent the parser from constructing a very large AST and avoid the potential memory exhaustion issue.", product_ids: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.aarch64", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.ppc64le", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.s390x", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.src", "AppStream-9.5.0.Z.MAIN:opentelemetry-collector-0:0.107.0-8.el9_5.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input", }, ], }
rhsa-2025:3501
Vulnerability from csaf_redhat
Published
2025-04-01 20:50
Modified
2025-04-07 11:35
Summary
Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.15.1-4 Update
Notes
Topic
Custom Metrics Autoscaler Operator for Red Hat OpenShift updates.
The following updates for the Custom Metric Autoscaler operator for Red Hat OpenShift are now available:
* custom-metrics-autoscaler-adapter-container * custom-metrics-autoscaler-admission-webhooks-container * custom-metrics-autoscaler-container * custom-metrics-autoscaler-operator-bundle-container * custom-metrics-autoscaler-operator-container
Details
The Custom Metrics Autoscaler Operator for Red Hat OpenShift is an optional operator, based on the Kubernetes Event Driven Autoscaler (KEDA), which allows workloads to be scaled using additional metrics sources other than pod metrics.
This release is based upon KEDA 2.15.1
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Custom Metrics Autoscaler Operator for Red Hat OpenShift updates.\nThe following updates for the Custom Metric Autoscaler operator for Red Hat OpenShift are now available:\n* custom-metrics-autoscaler-adapter-container * custom-metrics-autoscaler-admission-webhooks-container * custom-metrics-autoscaler-container * custom-metrics-autoscaler-operator-bundle-container * custom-metrics-autoscaler-operator-container", title: "Topic", }, { category: "general", text: "The Custom Metrics Autoscaler Operator for Red Hat OpenShift is an optional operator, based on the Kubernetes Event Driven Autoscaler (KEDA), which allows workloads to be scaled using additional metrics sources other than pod metrics.\nThis release is based upon KEDA 2.15.1", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3501", url: "https://access.redhat.com/errata/RHSA-2025:3501", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2025-22868", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2024-34156", url: "https://access.redhat.com/security/cve/CVE-2024-34156", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2025-27144", url: "https://access.redhat.com/security/cve/CVE-2025-27144", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3501.json", }, ], title: "Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.15.1-4 Update", tracking: { current_release_date: "2025-04-07T11:35:26+00:00", generator: { date: "2025-04-07T11:35:26+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3501", initial_release_date: "2025-04-01T20:50:35+00:00", revision_history: [ { date: "2025-04-01T20:50:35+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-02T11:00:35+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-07T11:35:26+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product: { name: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_identification_helper: { cpe: "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.15::el9", }, }, }, ], category: "product_family", name: "Custom Metric Autoscaler operator for Red Hat Openshift", }, { branches: [ { category: "product_version", name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", product: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", product_id: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", product_identification_helper: { purl: "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3Af29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e?arch=amd64&repository_url=registry.redhat.io/custom-metrics-autoscaler&tag=2.15.1-1742297344", }, }, }, { category: "product_version", name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", product: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", product_id: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", product_identification_helper: { purl: "pkg:oci/custom-metrics-autoscaler-operator-bundle@sha256%3A8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79?arch=amd64&repository_url=registry.redhat.io/custom-metrics-autoscaler&tag=2.15.1-1742311148", }, }, }, { category: "product_version", name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", product: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", product_id: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", product_identification_helper: { purl: "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3Ac1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475?arch=amd64&repository_url=registry.redhat.io/custom-metrics-autoscaler&tag=2.15.1-1742296189", }, }, }, { category: "product_version", name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", product: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", product_id: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", product_identification_helper: { purl: "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3Acc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514?arch=amd64&repository_url=registry.redhat.io/custom-metrics-autoscaler&tag=2.15.1-1742296747", }, }, }, { category: "product_version", name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", product: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", product_id: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", product_identification_helper: { purl: "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3A4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3?arch=amd64&repository_url=registry.redhat.io/custom-metrics-autoscaler&tag=2.15.1-1742297180", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", product: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", product_id: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", product_identification_helper: { purl: "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3A9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c?arch=arm64&repository_url=registry.redhat.io/custom-metrics-autoscaler&tag=2.15.1-1742297344", }, }, }, { category: "product_version", name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", product: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", product_id: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", product_identification_helper: { purl: "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3A54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd?arch=arm64&repository_url=registry.redhat.io/custom-metrics-autoscaler&tag=2.15.1-1742296189", }, }, }, { category: "product_version", name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", product: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", product_id: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", product_identification_helper: { purl: "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3Aa5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303?arch=arm64&repository_url=registry.redhat.io/custom-metrics-autoscaler&tag=2.15.1-1742296747", }, }, }, { category: "product_version", name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", product: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", product_id: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", product_identification_helper: { purl: "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3Aca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9?arch=arm64&repository_url=registry.redhat.io/custom-metrics-autoscaler&tag=2.15.1-1742297180", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64 as a component of Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", }, product_reference: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", relates_to_product_reference: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64 as a component of Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", }, product_reference: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", relates_to_product_reference: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64 as a component of Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", }, product_reference: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", relates_to_product_reference: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64 as a component of Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", }, product_reference: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", relates_to_product_reference: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64 as a component of Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", }, product_reference: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", relates_to_product_reference: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64 as a component of Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", }, product_reference: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", relates_to_product_reference: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64 as a component of Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", }, product_reference: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", relates_to_product_reference: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64 as a component of Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", }, product_reference: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", relates_to_product_reference: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", }, { category: "default_component_of", full_product_name: { name: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64 as a component of Custom Metric Autoscaler operator for Red Hat Openshift 2.15", product_id: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", }, product_reference: "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", relates_to_product_reference: "Custom Metric Autoscaler operator for Red Hat Openshift 2.15", }, ], }, vulnerabilities: [ { cve: "CVE-2024-34156", cwe: { id: "CWE-674", name: "Uncontrolled Recursion", }, discovery_date: "2024-09-06T21:20:09.377905+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2310528", }, ], notes: [ { category: "description", text: "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.", title: "Vulnerability description", }, { category: "summary", text: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", title: "Vulnerability summary", }, { category: "other", text: "This vulnerability in Go's `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], known_not_affected: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-34156", }, { category: "external", summary: "RHBZ#2310528", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2310528", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-34156", url: "https://www.cve.org/CVERecord?id=CVE-2024-34156", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34156", }, { category: "external", summary: "https://go.dev/cl/611239", url: "https://go.dev/cl/611239", }, { category: "external", summary: "https://go.dev/issue/69139", url: "https://go.dev/issue/69139", }, { category: "external", summary: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", url: "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2024-3106", url: "https://pkg.go.dev/vuln/GO-2024-3106", }, ], release_date: "2024-09-06T21:15:12.020000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T20:50:35+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3501", }, { category: "workaround", details: "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", product_ids: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion", }, { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], known_not_affected: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T20:50:35+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3501", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-27144", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-02-24T23:00:42.448432+00:00", flags: [ { label: "vulnerable_code_not_present", product_ids: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", ], }, ], ids: [ { system_name: "Red Hat Bugzilla ID", text: "2347423", }, ], notes: [ { category: "description", text: "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", title: "Vulnerability description", }, { category: "summary", text: "go-jose: Go JOSE's Parsing Vulnerable to Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], known_not_affected: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-27144", }, { category: "external", summary: "RHBZ#2347423", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2347423", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-27144", url: "https://www.cve.org/CVERecord?id=CVE-2025-27144", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-27144", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-27144", }, { category: "external", summary: "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22", url: "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22", }, { category: "external", summary: "https://github.com/go-jose/go-jose/releases/tag/v4.0.5", url: "https://github.com/go-jose/go-jose/releases/tag/v4.0.5", }, { category: "external", summary: "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78", url: "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78", }, ], release_date: "2025-02-24T22:22:22.863000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-01T20:50:35+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258", product_ids: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3501", }, { category: "workaround", details: "As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", product_ids: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:54bea2715a756906158c46c522b1b25fc91389a4f8834ed7abc8ec8e74742edd_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:c1157f466293e87e51162599e1d69c489eaf9699dbfba334760b9927eabdd475_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:4b65d73b1479d35ceb8caba98e2dc58cb13d3d8f3545ec8bb8799439dfca4ee3_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:ca9c73d5adf71ba2aba7b47d63f038364860f0fb5becf39eb87bf2f261eef7b9_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:8b9ebfcc795ea83fa038daa9471b45bb8527d4fc705a95f8121703fd063c6b79_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:9f583938da2d79ea0ab8a49d0d4b936fc48754d0048e04a7caad78ab886c2c4c_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:f29faa109ea2a8c418e5a3c6cb2069805037232872122db46e7c0a2033e9ec9e_amd64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:a5b5570c4c0c54d6d8833ea5985e849f0cf79913c6c049378767e11ef7eb6303_arm64", "Custom Metric Autoscaler operator for Red Hat Openshift 2.15:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cc1abd24fce82a1fb24ba726e25f1763ac2a497d5bf2e3352210fa65d133a514_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go-jose: Go JOSE's Parsing Vulnerable to Denial of Service", }, ], }
rhsa-2025:3053
Vulnerability from csaf_redhat
Published
2025-03-20 04:55
Modified
2025-04-04 19:06
Summary
Red Hat Security Advisory: Gatekeeper v3.15.4
Notes
Topic
Gatekeeper v3.15.4
Details
Gatekeeper v3.15.4
Gatekeeper is a validating webhook with auditing capabilities that can
enforce custom resource definition-based policies that are run with the
Open Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced
Cluster Management for Kubernetes subscription.
Starting in v3.15, the following namespaces are exempt from admission control:
- kube-*
- multicluster-engine
- hypershift
- hive
- rhacs-operator
- open-cluster-*
- openshift-*
To disable the default exempt namespaces, set the namespaces you want on the
object.
Security fix(es):
* golang.org/x/oauth2: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)
Additional Release Notes:
* v3.15.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0
* v3.15.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Gatekeeper v3.15.4", title: "Topic", }, { category: "general", text: "Gatekeeper v3.15.4\n\nGatekeeper is a validating webhook with auditing capabilities that can\nenforce custom resource definition-based policies that are run with the\nOpen Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced\nCluster Management for Kubernetes subscription.\n\nStarting in v3.15, the following namespaces are exempt from admission control:\n\n- kube-*\n- multicluster-engine\n- hypershift\n- hive\n- rhacs-operator\n- open-cluster-*\n- openshift-*\n\nTo disable the default exempt namespaces, set the namespaces you want on the\nobject.\n\nSecurity fix(es):\n\n* golang.org/x/oauth2: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)\n\nAdditional Release Notes:\n\n* v3.15.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0\n* v3.15.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3053", url: "https://access.redhat.com/errata/RHSA-2025:3053", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0", url: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.0", }, { category: "external", summary: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1", url: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.15.1", }, { category: "external", summary: "2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "2348367", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348367", }, { category: "external", summary: "ACM-18305", url: "https://issues.redhat.com/browse/ACM-18305", }, { category: "external", summary: "ACM-18536", url: "https://issues.redhat.com/browse/ACM-18536", }, { category: "external", summary: "HYPBLD-606", url: "https://issues.redhat.com/browse/HYPBLD-606", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3053.json", }, ], title: "Red Hat Security Advisory: Gatekeeper v3.15.4", tracking: { current_release_date: "2025-04-04T19:06:49+00:00", generator: { date: "2025-04-04T19:06:49+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3053", initial_release_date: "2025-03-20T04:55:47+00:00", revision_history: [ { date: "2025-03-20T04:55:47+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-20T04:55:47+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-04T19:06:49+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "gatekeeper 3.15 for RHEL 9", product: { name: "gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15", product_identification_helper: { cpe: "cpe:/a:redhat:gatekeeper:3.15::el9", }, }, }, ], category: "product_family", name: "gatekeeper", }, { branches: [ { category: "product_version", name: "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", product: { name: "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", product_id: "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf?arch=s390x&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9&tag=v3.15.1-30", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", product: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", product_id: "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460?arch=s390x&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator&tag=v3.15.4-1", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", product: { name: "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", product_id: "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63?arch=amd64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9&tag=v3.15.1-30", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", product: { name: "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", product_id: "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", product_identification_helper: { purl: "pkg:oci/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85?arch=amd64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-operator-bundle&tag=v3.15.4-1", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", product: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", product_id: "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d?arch=amd64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator&tag=v3.15.4-1", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", product: { name: "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", product_id: "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c?arch=ppc64le&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9&tag=v3.15.1-30", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", product: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", product_id: "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635?arch=ppc64le&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator&tag=v3.15.4-1", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", product: { name: "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", product_id: "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94?arch=arm64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9&tag=v3.15.1-30", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", product: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", product_id: "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347?arch=arm64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator&tag=v3.15.4-1", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64 as a component of gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", }, product_reference: "gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", relates_to_product_reference: "9Base-gatekeeper-3.15", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x as a component of gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", }, product_reference: "gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", relates_to_product_reference: "9Base-gatekeeper-3.15", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64 as a component of gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", }, product_reference: "gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", relates_to_product_reference: "9Base-gatekeeper-3.15", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64 as a component of gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", }, product_reference: "gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", relates_to_product_reference: "9Base-gatekeeper-3.15", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le as a component of gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", }, product_reference: "gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", relates_to_product_reference: "9Base-gatekeeper-3.15", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64 as a component of gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", }, product_reference: "gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", relates_to_product_reference: "9Base-gatekeeper-3.15", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64 as a component of gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", }, product_reference: "gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", relates_to_product_reference: "9Base-gatekeeper-3.15", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x as a component of gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", }, product_reference: "gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", relates_to_product_reference: "9Base-gatekeeper-3.15", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le as a component of gatekeeper 3.15 for RHEL 9", product_id: "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", }, product_reference: "gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", relates_to_product_reference: "9Base-gatekeeper-3.15", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-20T04:55:47+00:00", details: "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.", product_ids: [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3053", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-22869", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-02-26T04:00:47.683125+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348367", }, ], notes: [ { category: "description", text: "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", title: "Vulnerability summary", }, { category: "other", text: "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22869", }, { category: "external", summary: "RHBZ#2348367", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348367", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22869", url: "https://www.cve.org/CVERecord?id=CVE-2025-22869", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", }, { category: "external", summary: "https://go.dev/cl/652135", url: "https://go.dev/cl/652135", }, { category: "external", summary: "https://go.dev/issue/71931", url: "https://go.dev/issue/71931", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3487", url: "https://pkg.go.dev/vuln/GO-2025-3487", }, ], release_date: "2025-02-26T03:07:48.855000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-20T04:55:47+00:00", details: "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.", product_ids: [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3053", }, { category: "workaround", details: "This flaw can be mitigated when using the client only connecting to trusted servers.", product_ids: [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-operator-bundle@sha256:96b77663961daea3a336b97e34e9412281bfb2727854dc970a69edd029b9af85_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:d4cb7893bc7ddf352e9ee37f97461c798002cc79e1eea8706944f94f6b07a460_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:e8e33ff4369c91bbf63c4c81979e0231ff247f3b0ab7a2872c0918a5455a1a2d_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f287794acade33527da37fa3d6d872753231ac40546bdadf577ea4c3eb3a9347_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9-operator@sha256:f59983c70575e23e7e0e04422a0db15f99d8943c9246878044b205e871934635_ppc64le", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:2861cb1f2dec29a50a1b920768f8c7d463c7917b4267cb62813f7378972ecd63_amd64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:9530577a1ddbc3fd1cc27fa9bf25220a4437f20817d85974a3066fd3d4229d94_arm64", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:b893c6fd9d1414efd34c51fdc08795c9ddf5e73053c5cc1b742eea04c6a1d4bf_s390x", "9Base-gatekeeper-3.15:gatekeeper/gatekeeper-rhel9@sha256:c0130d50528c55aa6819f7b722ad39bb583f1b8b961c47e32a8561d34440883c_ppc64le", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", }, ], }
rhsa-2025:2526
Vulnerability from csaf_redhat
Published
2025-03-10 15:51
Modified
2025-04-04 19:06
Summary
Red Hat Security Advisory: ACS 4.5 enhancement update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security (RHACS).
Details
This release of RHACS 4.5 provides these changes:
- Fix rhacs-main-container: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)
- ROX-27347: Fix vulnerability report job getting stuck in waiting state after central restart.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Updated images are now available for Red Hat Advanced Cluster Security (RHACS).", title: "Topic", }, { category: "general", text: "This release of RHACS 4.5 provides these changes:\n\n- Fix rhacs-main-container: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (CVE-2025-22868)\n- ROX-27347: Fix vulnerability report job getting stuck in waiting state after central restart.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:2526", url: "https://access.redhat.com/errata/RHSA-2025:2526", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/release_notes/release-notes-45", url: "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/release_notes/release-notes-45", }, { category: "external", summary: "ROX-28410", url: "https://issues.redhat.com/browse/ROX-28410", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2526.json", }, ], title: "Red Hat Security Advisory: ACS 4.5 enhancement update", tracking: { current_release_date: "2025-04-04T19:06:36+00:00", generator: { date: "2025-04-04T19:06:36+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:2526", initial_release_date: "2025-03-10T15:51:20+00:00", revision_history: [ { date: "2025-03-10T15:51:20+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-10T15:51:20+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-04T19:06:36+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "RHACS 4.5 for RHEL 8", product: { name: "RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5", product_identification_helper: { cpe: "cpe:/a:redhat:advanced_cluster_security:4.5::el8", }, }, }, ], category: "product_family", name: "Red Hat Advanced Cluster Security for Kubernetes", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d?arch=amd64&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.5.7-2", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270?arch=s390x&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.5.7-2", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", product: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", product_id: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", product: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", product_id: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", product: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", product_id: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", product: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", product_id: "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", product: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", product_id: "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", product: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", product_id: "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", product: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", product_id: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8&tag=4.5.7-2", }, }, }, { category: "product_version", name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", product: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", product_id: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", product_identification_helper: { purl: "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d?arch=ppc64le&repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8&tag=4.5.7-2", }, }, }, ], category: "architecture", name: "ppc64le", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", }, product_reference: "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", }, product_reference: "advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", }, product_reference: "advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", }, product_reference: "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", relates_to_product_reference: "8Base-RHACS-4.5", }, { category: "default_component_of", full_product_name: { name: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64 as a component of RHACS 4.5 for RHEL 8", product_id: "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", }, product_reference: "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", relates_to_product_reference: "8Base-RHACS-4.5", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-10T15:51:20+00:00", details: "If you are using an earlier version of RHACS 4.5, you are advised to upgrade to patch release 4.5.7.", product_ids: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:2526", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:464cccb42fc8dc94603f1490371aed5d684393c3a8d22e9e215c6b2fb4281c19_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:6de228ab0ec26cad091603df54cfd8fbd730a11d8e0c75bfb0f9b224b17fa1dc_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-central-db-rhel8@sha256:f11ba75dc67ca0f5aeddbf77fbd9cdb592fe288dd433350d190d1ddc598abf7d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:30eb57291e6adf1baa4fbea5b5f8f56ed8b57f312d15fda9fcdb8aef56c02326_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:4c11e822b0a0aac155dae902d427d23753bf20533caf7ce95e38ee4d6b346af7_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-rhel8@sha256:dde5a5a36f0e6bb96eacbef6d7592ad70cc92312d8d2c8c8b97f229acb7843cb_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:66651025a6eaa3d5604523985db52cc44817155c8604cb38a0688c5ceab8417a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:706203536882e7e1ebd6a13142c1b6db2311565b1a540e8a4a5d4e8ee4d2b931_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:931812d283861d7aceb9ad0df0820f81ab7d6409e5bc4d4ad1255fba49e7fed0_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:73153fa459a3054655017e98522e22b9e4def02bbf40edbafa68e3d46c88d0f6_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:808da428ed52a3d1894264b658bd832c730cd63333207c5deff2fae08acc8c14_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-main-rhel8@sha256:9e3ef9e5e6efc943d58355a58098609dabf9115a14522b1369fea643438c19ab_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:04b8413db1c7b315643c2c420e7d2b71d805956c93db779f363beef09339041f_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:1a1a57b1d596b804521bef78ee1f31c08d802e62a044194f4f95ee6106ae644c_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-operator-bundle@sha256:5afdcc4dcabfa2ba10a8c7861fe5380e4d0a8ddfa43bb8c8d11a2d2ff6993b4c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:3e9b671b0879f4664655363c9b47efe196fe3260fe3f26ee77db58f32d2402f4_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:47786dc1915d7cc4cbf71f466de5e777389f0a7a7a48802341c73e57d9c7bbb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-rhel8-operator@sha256:51b5a17598c42135f019b242711b4406a36e815cf42d05c0070d0f11f125afe5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:02cc7c3cd83358e3fb11aaf55a1f013c9391a9067841841373f2606508a2ed88_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:2187a575dd03c17b9ea747d07c7714a83e10804b7bbab7e46f81b9ad50545ecd_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:257df3021d4e4d8ab83cb27a58503cc4af8522b0483092904a9f1841eb180e38_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:929155d124504fad88add9274dd1aa00cbf1dba4c33615e0a17c6db172d42dff_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:bcc4cfa09a297673a40dfb40ef58dd7ee921b8b8cf00079c7164ba897a2abf82_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:ebebf9747cad8e1960cb4a03be0c63b66d0a41ce4ef22b57a71d7f18a1cea8b8_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:53e9606642dd1881c04fc4064e2b16250b1f081ca4ded70da1612774307e3215_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dc1c7f6d68bfefd0eb8a207922b1561eeb4dd79766b7f96c1d367f9d59a3fe31_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:f3549f923bea37741d3daffdcd0bf43f00b4f27073a6c43a63baf7abd86e6e81_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:483a30ff5fae00c62250ba0f4d2035fd61e2e547400b579f541fbe6be8bfbc53_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:6079044bbfaf67cb0254299f2c5e23eaf8025c8082164c18eae167bec9223d0e_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ecf00c0472517b5a1e32362132104573cbcb169faa1d9fd74fcd17fc2d86347c_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:28f11e72574d5d629d4ba6bfbdaad504a88952f6480e82de1b9baaf19d4da1e5_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:844bafe4fdef517fb58ba3bf5372dc25a7065588748539611c403c7e384f0fb0_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a3f7013b82f6888cfb865d1039fe2c996e9d3b1441c4e0e6c3c7d2db52502cfb_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:2e3fee5693fb95600dbbf0810e058e61657b343c347c60229f4d3acfada5698d_amd64", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:5f127d9282035ba8e8ef48a41515ba80551b75cf39e2d6302d39286a53f8ae6d_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:81de464aecfb26937cbff4058ae1c0c7c183fe032af47cbe954d0b1642a39270_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:043491d646e20633afd12a99826fe56b9f285859bddf4ca888f8fb5718ba806a_s390x", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9519ecbd8fb7535b96a28f075833ee4c9f0411829bb28429013bd23bff99e849_ppc64le", "8Base-RHACS-4.5:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ff7f50f0afae0d197e3645b0a2d8337a36d7a6a10731779b728f301d9281a10f_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, ], }
rhsa-2025:3503
Vulnerability from csaf_redhat
Published
2025-04-02 04:03
Modified
2025-04-07 18:32
Summary
Red Hat Security Advisory: Red Hat build of Cryostat security update
Notes
Topic
An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.
Security Fix(es):
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)
* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "An update is now available for the Red Hat build of Cryostat 4 on RHEL 9.\n\nSecurity Fix(es):\n\n* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)\n* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3503", url: "https://access.redhat.com/errata/RHSA-2025:3503", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "2354195", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2354195", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3503.json", }, ], title: "Red Hat Security Advisory: Red Hat build of Cryostat security update", tracking: { current_release_date: "2025-04-07T18:32:13+00:00", generator: { date: "2025-04-07T18:32:13+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3503", initial_release_date: "2025-04-02T04:03:14+00:00", revision_history: [ { date: "2025-04-02T04:03:14+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-02T04:03:14+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-07T18:32:13+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Cryostat 4 on RHEL 9", product: { name: "Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4", product_identification_helper: { cpe: "cpe:/a:redhat:cryostat:4::el9", }, }, }, ], category: "product_family", name: "Cryostat", }, { branches: [ { category: "product_version", name: "cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", product: { name: "cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", product_id: "cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9&tag=0.5.0-9", }, }, }, { category: "product_version", name: "cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", product: { name: "cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", product_id: "cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", product: { name: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", product_id: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", product: { name: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", product_id: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", product: { name: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", product_id: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-ose-oauth-proxy-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", product: { name: "cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", product_id: "cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", product: { name: "cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", product_id: "cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", product: { name: "cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", product_id: "cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle&tag=4.0.0-9", }, }, }, { category: "product_version", name: "cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", product: { name: "cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", product_id: "cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", product: { name: "cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", product_id: "cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", product_identification_helper: { purl: "pkg:oci/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595?arch=amd64&repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", product: { name: "cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", product_id: "cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", product_identification_helper: { purl: "pkg:oci/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df?arch=amd64&repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9&tag=4.0.0-10", }, }, }, ], category: "architecture", name: "amd64", }, { branches: [ { category: "product_version", name: "cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", product: { name: "cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", product_id: "cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-agent-init-rhel9&tag=0.5.0-9", }, }, }, { category: "product_version", name: "cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", product: { name: "cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", product_id: "cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-db-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", product: { name: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", product_id: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-grafana-dashboard-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", product: { name: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", product_id: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-openshift-console-plugin-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", product: { name: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", product_id: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-ose-oauth-proxy-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", product: { name: "cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", product_id: "cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-reports-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", product: { name: "cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", product_id: "cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", product: { name: "cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", product_id: "cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-operator-bundle&tag=4.0.0-9", }, }, }, { category: "product_version", name: "cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", product: { name: "cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", product_id: "cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-rhel9-operator&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", product: { name: "cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", product_id: "cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", product_identification_helper: { purl: "pkg:oci/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874?arch=arm64&repository_url=registry.redhat.io/cryostat/cryostat-storage-rhel9&tag=4.0.0-10", }, }, }, { category: "product_version", name: "cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", product: { name: "cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", product_id: "cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", product_identification_helper: { purl: "pkg:oci/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26?arch=arm64&repository_url=registry.redhat.io/cryostat/jfr-datasource-rhel9&tag=4.0.0-10", }, }, }, ], category: "architecture", name: "arm64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", }, product_reference: "cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", }, product_reference: "cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", }, product_reference: "cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", }, product_reference: "cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", }, product_reference: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", }, product_reference: "cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", }, product_reference: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", }, product_reference: "cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", }, product_reference: "cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", }, product_reference: "cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", }, product_reference: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", }, product_reference: "cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", }, product_reference: "cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", }, product_reference: "cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", }, product_reference: "cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", }, product_reference: "cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", }, product_reference: "cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", }, product_reference: "cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", }, product_reference: "cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", }, product_reference: "cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", }, product_reference: "cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", relates_to_product_reference: "9Base-Cryostat-4", }, { category: "default_component_of", full_product_name: { name: "cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64 as a component of Cryostat 4 on RHEL 9", product_id: "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", }, product_reference: "cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", relates_to_product_reference: "9Base-Cryostat-4", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-02T04:03:14+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3503", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-30204", cwe: { id: "CWE-405", name: "Asymmetric Resource Consumption (Amplification)", }, discovery_date: "2025-03-21T22:00:43.818367+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2354195", }, ], notes: [ { category: "description", text: "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.", title: "Vulnerability description", }, { category: "summary", text: "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-30204", }, { category: "external", summary: "RHBZ#2354195", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2354195", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-30204", url: "https://www.cve.org/CVERecord?id=CVE-2025-30204", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-30204", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-30204", }, { category: "external", summary: "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3", url: "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3", }, { category: "external", summary: "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp", url: "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp", }, ], release_date: "2025-03-21T21:42:01.382000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-02T04:03:14+00:00", details: "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3503", }, { category: "workaround", details: "Red Hat Product Security does not have a recommended mitigation at this time.", product_ids: [ "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:12a06a8e0d5d382c26d38c483c4f78e1a51d6ad3d79dff1639bec6a622a09d52_amd64", "9Base-Cryostat-4:cryostat/cryostat-agent-init-rhel9@sha256:428c822edc825eb2edc7ca3c2228f445aacbe5f997bc7bd681e2af3c5a386c88_arm64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:157664280b02da4cdde98df786cc27abb3aded584e5a03cbd4bd3784203c4706_amd64", "9Base-Cryostat-4:cryostat/cryostat-db-rhel9@sha256:173716b149b7457f165166ce40f894be7d3fecb11460202cbce52040e5409c35_arm64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:54ffe77a5bf806e7be3ee1a8d72e68057d77a249065dc2462a2bbf559827ea92_amd64", "9Base-Cryostat-4:cryostat/cryostat-grafana-dashboard-rhel9@sha256:8e3df4dd75a6aafc343aef028698d53e698993d19402d0d355f80d5018bff762_arm64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:c255654c653c29e80cf9c10c7e473cb151f39d94290f944475f19a12ef1c39ec_amd64", "9Base-Cryostat-4:cryostat/cryostat-openshift-console-plugin-rhel9@sha256:eb034cbcb54c54ef37dfad635f17182bcd3dc74b79690b116fdc24e4249e8ecb_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:7a4da133dceabc42a411e70d35af99988c2bf1e76f7f44291105f16b561f344e_arm64", "9Base-Cryostat-4:cryostat/cryostat-operator-bundle@sha256:8306aa3360d707d0cc3e070e1f924145331a350991a4b130d48d7f9089313ed9_amd64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:1cbdcaff07fcfe25c14191d2d585e2379369dff38ea22d85c85cb7e0219941af_arm64", "9Base-Cryostat-4:cryostat/cryostat-ose-oauth-proxy-rhel9@sha256:3552d84395e741d3c3d808734efc4d1a1d539785a4a8f38697cb0060a471833d_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:ccfe79e9225349ba158b6286d9e61f78ea80cb07433c4b691c976ce40debd002_amd64", "9Base-Cryostat-4:cryostat/cryostat-reports-rhel9@sha256:fa94f80fd26e0664bfa343018888c90c86290290b519c0e0b2c7dccc869c3a33_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a1e0e21641dac4d48017d0e766a2fa42b502dffeb6df3548eb464e785ec48b6a_amd64", "9Base-Cryostat-4:cryostat/cryostat-rhel9-operator@sha256:a4c71fd908b5933b74aab3ee1747223d3ec8313a73b14dfe589411dfca41453c_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:2bb5b9eaeeff2f2d8c37390c84ede1133d50e11610b65586f68776897e13357d_arm64", "9Base-Cryostat-4:cryostat/cryostat-rhel9@sha256:e9fe9919dd3f96580ab42b92f317cbc6f32229c38b77d566319feeb79dcd5f13_amd64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:16552269a995975755cb616f21896388f7565125323ffb59d4b3f1faf0e45874_arm64", "9Base-Cryostat-4:cryostat/cryostat-storage-rhel9@sha256:6918d6472c06b73ce99c6f2892501c9119e0d0edceefd2202d884bda8bb82595_amd64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:1fe4428a9048c8257b28a748fe72f20fba5adc02f5fa6c017f7472dff83b2f26_arm64", "9Base-Cryostat-4:cryostat/jfr-datasource-rhel9@sha256:437080e91c3dbcb4f6c91bc03613dc33b65ed42b20923464c4ddc634d95be8df_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing", }, ], }
rhsa-2025:3593
Vulnerability from csaf_redhat
Published
2025-04-03 13:38
Modified
2025-04-07 23:02
Summary
Red Hat Security Advisory: opentelemetry-collector security update
Notes
Topic
An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Collector with the supported components for a Red Hat build of OpenTelemetry
Security Fix(es):
* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)
* go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)
* github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Collector with the supported components for a Red Hat build of OpenTelemetry\n\nSecurity Fix(es):\n\n* golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect (CVE-2024-45336)\n\n* go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)\n\n* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)\n\n* github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input (CVE-2025-29786)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3593", url: "https://access.redhat.com/errata/RHSA-2025:3593", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "2341751", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2341751", }, { category: "external", summary: "2347423", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2347423", }, { category: "external", summary: "2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "2352914", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2352914", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3593.json", }, ], title: "Red Hat Security Advisory: opentelemetry-collector security update", tracking: { current_release_date: "2025-04-07T23:02:47+00:00", generator: { date: "2025-04-07T23:02:47+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3593", initial_release_date: "2025-04-03T13:38:52+00:00", revision_history: [ { date: "2025-04-03T13:38:52+00:00", number: "1", summary: "Initial version", }, { date: "2025-04-03T13:38:52+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-07T23:02:47+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream EUS (v.9.4)", product: { name: "Red Hat Enterprise Linux AppStream EUS (v.9.4)", product_id: "AppStream-9.4.0.Z.EUS", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_eus:9.4::appstream", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-7.el9_4.src", product: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.src", product_id: "opentelemetry-collector-0:0.107.0-7.el9_4.src", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-7.el9_4?arch=src", }, }, }, ], category: "architecture", name: "src", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", product: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", product_id: "opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-7.el9_4?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", product: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", product_id: "opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-7.el9_4?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", product: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", product_id: "opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-7.el9_4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "opentelemetry-collector-0:0.107.0-7.el9_4.s390x", product: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.s390x", product_id: "opentelemetry-collector-0:0.107.0-7.el9_4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/opentelemetry-collector@0.107.0-7.el9_4?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)", product_id: "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", }, product_reference: "opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", relates_to_product_reference: "AppStream-9.4.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)", product_id: "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", }, product_reference: "opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", relates_to_product_reference: "AppStream-9.4.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)", product_id: "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", }, product_reference: "opentelemetry-collector-0:0.107.0-7.el9_4.s390x", relates_to_product_reference: "AppStream-9.4.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)", product_id: "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", }, product_reference: "opentelemetry-collector-0:0.107.0-7.el9_4.src", relates_to_product_reference: "AppStream-9.4.0.Z.EUS", }, { category: "default_component_of", full_product_name: { name: "opentelemetry-collector-0:0.107.0-7.el9_4.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)", product_id: "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", }, product_reference: "opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", relates_to_product_reference: "AppStream-9.4.0.Z.EUS", }, ], }, vulnerabilities: [ { cve: "CVE-2024-45336", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2025-01-23T12:57:38.123000+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2341751", }, ], notes: [ { category: "description", text: "A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.", title: "Vulnerability description", }, { category: "summary", text: "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2024-45336", }, { category: "external", summary: "RHBZ#2341751", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2341751", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2024-45336", url: "https://www.cve.org/CVERecord?id=CVE-2024-45336", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2024-45336", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-45336", }, ], release_date: "2025-01-17T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-03T13:38:52+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3593", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect", }, { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-03T13:38:52+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3593", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-27144", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-02-24T23:00:42.448432+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2347423", }, ], notes: [ { category: "description", text: "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", title: "Vulnerability description", }, { category: "summary", text: "go-jose: Go JOSE's Parsing Vulnerable to Denial of Service", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-27144", }, { category: "external", summary: "RHBZ#2347423", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2347423", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-27144", url: "https://www.cve.org/CVERecord?id=CVE-2025-27144", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-27144", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-27144", }, { category: "external", summary: "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22", url: "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22", }, { category: "external", summary: "https://github.com/go-jose/go-jose/releases/tag/v4.0.5", url: "https://github.com/go-jose/go-jose/releases/tag/v4.0.5", }, { category: "external", summary: "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78", url: "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78", }, ], release_date: "2025-02-24T22:22:22.863000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-03T13:38:52+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3593", }, { category: "workaround", details: "As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", product_ids: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "go-jose: Go JOSE's Parsing Vulnerable to Denial of Service", }, { cve: "CVE-2025-29786", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-03-17T14:00:59.078419+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2352914", }, ], notes: [ { category: "description", text: "A flaw was found in Expr. This vulnerability allows excessive memory usage and potential out-of-memory (OOM) crashes via unbounded input strings, where a malicious or inadvertent large expression can cause the parser to construct an extremely large Abstract Syntax Tree (AST), consuming excessive memory.", title: "Vulnerability description", }, { category: "summary", text: "github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-29786", }, { category: "external", summary: "RHBZ#2352914", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2352914", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-29786", url: "https://www.cve.org/CVERecord?id=CVE-2025-29786", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-29786", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-29786", }, { category: "external", summary: "https://github.com/expr-lang/expr/pull/762", url: "https://github.com/expr-lang/expr/pull/762", }, { category: "external", summary: "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2", url: "https://github.com/expr-lang/expr/security/advisories/GHSA-93mq-9ffx-83m2", }, ], release_date: "2025-03-17T13:15:32.836000+00:00", remediations: [ { category: "vendor_fix", date: "2025-04-03T13:38:52+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", product_ids: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3593", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to impose an input size restriction before parsing (i.e. validating or limiting the length of expression strings that the application will accept). Ensuring no unbounded-length expressions are fed into the parser will prevent the parser from constructing a very large AST and avoid the potential memory exhaustion issue.", product_ids: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.aarch64", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.ppc64le", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.s390x", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.src", "AppStream-9.4.0.Z.EUS:opentelemetry-collector-0:0.107.0-7.el9_4.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "github.com/expr-lang/expr: Memory Exhaustion in Expr Parser with Unrestricted Input", }, ], }
rhsa-2025:3051
Vulnerability from csaf_redhat
Published
2025-03-20 04:38
Modified
2025-04-04 19:06
Summary
Red Hat Security Advisory: Gatekeeper v3.17.2
Notes
Topic
Gatekeeper v3.17.2
Details
Gatekeeper v3.17.2
Gatekeeper is a validating webhook with auditing capabilities that can
enforce custom resource definition-based policies that are run with the
Open Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced
Cluster Management for Kubernetes subscription.
Starting in v3.17, users can specify a `containerArguments` list of names
and values for both the audit and webhook configurations to be passed to
the respective deployment. These will be ignored if the argument has
already been set by the operator or specifies an argument listed in the
deny list.
Starting in v3.15, the following namespaces are exempt from admission
control:
* kube-*
* multicluster-engine
* hypershift
* hive
* rhacs-operator
* open-cluster-*
* openshift-*
To disable the default exempt namespaces, set the namespaces you want on
the object.
Security fix(es):
* golang.org/x/oauth2: Unexpected memory consumption during token parsing in
golang.org/x/oauth2 (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of
golang.org/x/crypto/ssh (CVE-2025-22869)
Additional Release Notes:
* v3.17.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0
* v3.17.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1
* v3.17.2 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Gatekeeper v3.17.2", title: "Topic", }, { category: "general", text: "Gatekeeper v3.17.2\n\nGatekeeper is a validating webhook with auditing capabilities that can\nenforce custom resource definition-based policies that are run with the\nOpen Policy Agent (OPA). Gatekeeper is supported through a Red Hat Advanced\nCluster Management for Kubernetes subscription.\n\nStarting in v3.17, users can specify a `containerArguments` list of names\nand values for both the audit and webhook configurations to be passed to\nthe respective deployment. These will be ignored if the argument has\nalready been set by the operator or specifies an argument listed in the\ndeny list.\n\nStarting in v3.15, the following namespaces are exempt from admission\ncontrol:\n\n* kube-*\n* multicluster-engine\n* hypershift\n* hive\n* rhacs-operator\n* open-cluster-*\n* openshift-*\n\nTo disable the default exempt namespaces, set the namespaces you want on\nthe object.\n\nSecurity fix(es):\n\n* golang.org/x/oauth2: Unexpected memory consumption during token parsing in\ngolang.org/x/oauth2 (CVE-2025-22868)\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of\ngolang.org/x/crypto/ssh (CVE-2025-22869)\n\nAdditional Release Notes:\n\n* v3.17.0 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0\n* v3.17.1 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1\n* v3.17.2 https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2025:3051", url: "https://access.redhat.com/errata/RHSA-2025:3051", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0", url: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.0", }, { category: "external", summary: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1", url: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.1", }, { category: "external", summary: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2", url: "https://github.com/open-policy-agent/gatekeeper/releases/tag/v3.17.2", }, { category: "external", summary: "2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "2348367", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348367", }, { category: "external", summary: "ACM-18302", url: "https://issues.redhat.com/browse/ACM-18302", }, { category: "external", summary: "ACM-18535", url: "https://issues.redhat.com/browse/ACM-18535", }, { category: "external", summary: "HYPBLD-605", url: "https://issues.redhat.com/browse/HYPBLD-605", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_3051.json", }, ], title: "Red Hat Security Advisory: Gatekeeper v3.17.2", tracking: { current_release_date: "2025-04-04T19:06:44+00:00", generator: { date: "2025-04-04T19:06:44+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.2", }, }, id: "RHSA-2025:3051", initial_release_date: "2025-03-20T04:38:00+00:00", revision_history: [ { date: "2025-03-20T04:38:00+00:00", number: "1", summary: "Initial version", }, { date: "2025-03-20T04:38:00+00:00", number: "2", summary: "Last updated version", }, { date: "2025-04-04T19:06:44+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "gatekeeper 3.17 for RHEL 9", product: { name: "gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17", product_identification_helper: { cpe: "cpe:/a:redhat:gatekeeper:3.17::el9", }, }, }, ], category: "product_family", name: "gatekeeper", }, { branches: [ { category: "product_version", name: "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", product: { name: "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", product_id: "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e?arch=s390x&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9&tag=v3.17.2-5", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", product: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", product_id: "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8?arch=s390x&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator&tag=v3.17.2-4", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", product: { name: "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", product_id: "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99?arch=arm64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9&tag=v3.17.2-5", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", product: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", product_id: "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32?arch=arm64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator&tag=v3.17.2-4", }, }, }, ], category: "architecture", name: "arm64", }, { branches: [ { category: "product_version", name: "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", product: { name: "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", product_id: "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca?arch=ppc64le&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9&tag=v3.17.2-5", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", product: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", product_id: "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d?arch=ppc64le&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator&tag=v3.17.2-4", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", product: { name: "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", product_id: "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e?arch=amd64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9&tag=v3.17.2-5", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", product: { name: "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", product_id: "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", product_identification_helper: { purl: "pkg:oci/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb?arch=amd64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-operator-bundle&tag=v3.17.2-2", }, }, }, { category: "product_version", name: "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", product: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", product_id: "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", product_identification_helper: { purl: "pkg:oci/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95?arch=amd64&repository_url=registry.redhat.io/gatekeeper/gatekeeper-rhel9-operator&tag=v3.17.2-4", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64 as a component of gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", }, product_reference: "gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", relates_to_product_reference: "9Base-gatekeeper-3.17", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64 as a component of gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", }, product_reference: "gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", relates_to_product_reference: "9Base-gatekeeper-3.17", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le as a component of gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", }, product_reference: "gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", relates_to_product_reference: "9Base-gatekeeper-3.17", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64 as a component of gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", }, product_reference: "gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", relates_to_product_reference: "9Base-gatekeeper-3.17", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x as a component of gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", }, product_reference: "gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", relates_to_product_reference: "9Base-gatekeeper-3.17", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64 as a component of gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", }, product_reference: "gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", relates_to_product_reference: "9Base-gatekeeper-3.17", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le as a component of gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", }, product_reference: "gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", relates_to_product_reference: "9Base-gatekeeper-3.17", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x as a component of gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", }, product_reference: "gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", relates_to_product_reference: "9Base-gatekeeper-3.17", }, { category: "default_component_of", full_product_name: { name: "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64 as a component of gatekeeper 3.17 for RHEL 9", product_id: "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", }, product_reference: "gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", relates_to_product_reference: "9Base-gatekeeper-3.17", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "jub0bs", ], }, ], cve: "CVE-2025-22868", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, discovery_date: "2025-02-26T04:00:44.350024+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348366", }, ], notes: [ { category: "description", text: "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "RHBZ#2348366", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348366", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22868", url: "https://www.cve.org/CVERecord?id=CVE-2025-22868", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", }, { category: "external", summary: "https://go.dev/cl/652155", url: "https://go.dev/cl/652155", }, { category: "external", summary: "https://go.dev/issue/71490", url: "https://go.dev/issue/71490", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3488", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], release_date: "2025-02-26T03:07:49.012000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-20T04:38:00+00:00", details: "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.", product_ids: [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3051", }, { category: "workaround", details: "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.", product_ids: [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", }, { cve: "CVE-2025-22869", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, discovery_date: "2025-02-26T04:00:47.683125+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "2348367", }, ], notes: [ { category: "description", text: "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.", title: "Vulnerability description", }, { category: "summary", text: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", title: "Vulnerability summary", }, { category: "other", text: "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2025-22869", }, { category: "external", summary: "RHBZ#2348367", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2348367", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2025-22869", url: "https://www.cve.org/CVERecord?id=CVE-2025-22869", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-22869", }, { category: "external", summary: "https://go.dev/cl/652135", url: "https://go.dev/cl/652135", }, { category: "external", summary: "https://go.dev/issue/71931", url: "https://go.dev/issue/71931", }, { category: "external", summary: "https://pkg.go.dev/vuln/GO-2025-3487", url: "https://pkg.go.dev/vuln/GO-2025-3487", }, ], release_date: "2025-02-26T03:07:48.855000+00:00", remediations: [ { category: "vendor_fix", date: "2025-03-20T04:38:00+00:00", details: "For more information, see the following resources:\n\n* See the Gatekeeper\ndocumentation: https://open-policy-agent.github.io/gatekeeper/website/docs/.\n\n* For support and troubleshooting, Gatekeeper is supported through a Red Hat Advanced Cluster Management for\nKubernetes subscription:\nhttps://access.redhat.com/products/red-hat-advanced-cluster-management-for-kubernetes.\n\n* The Open Policy Agent Gatekeeper community collaborates on Slack. Join the \n#opa-gatekeeper channel: https://openpolicyagent.slack.com/archives/CDTN970AX.\n\n* Open issues on the Gatekeeper GitHub repository: https://github.com/open-policy-agent/gatekeeper/issues.\n\n* See the installation and upgrade documentation: https://open-policy-agent.github.io/gatekeeper/website/docs/install.", product_ids: [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2025:3051", }, { category: "workaround", details: "This flaw can be mitigated when using the client only connecting to trusted servers.", product_ids: [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-operator-bundle@sha256:d96ab7824a0f334b595ec7034ce417ee81976d5617ce72fb693ad724483833fb_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:6cd467648f4101fa9ff4b6a497aaa2e76f2ff2c0021cfed5541aa7ffdeb4bc32_arm64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:825f94692807a950ed30efb98c5e05b6c3dd2ff2a4dd062cfe4ec276091f613d_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:8680d198102e84c2b69723f358560ecf684a7d55ca28537c2a3db2179454bc95_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9-operator@sha256:bf9faf7bf7730eaa2e95056b3082198e797a69bcec8122d54723f6216f34a0c8_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:859cd273784a7553ec14754b726961376e0fd153d9e45f67dd38a5f6e35ae35e_amd64", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:c5b1e6d081e1e79c2de7865aa99467b6a2e683735222fdb8f460771798ed7bca_ppc64le", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:ca290a799cd15897e62314cea4603653a1da7aa935db51640409b00e8361707e_s390x", "9Base-gatekeeper-3.17:gatekeeper/gatekeeper-rhel9@sha256:f5d43f372597923ae1c363887da9accb50de207869d829ec09212db06cf3ac99_arm64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh", }, ], }
opensuse-su-2025:0091-1
Vulnerability from csaf_opensuse
Published
2025-03-15 11:01
Modified
2025-03-15 11:01
Summary
Security update for restic
Notes
Title of the patch
Security update for restic
Description of the patch
This update for restic fixes the following issues:
- Fixed CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (boo#1239264)
- Update to version 0.17.3
- Fix #4971: Fix unusable mount on macOS Sonoma
- Fix #5003: Fix metadata errors during backup of removable disks
on Windows
- Fix #5101: Do not retry load/list operation if SFTP connection
is broken
- Fix #5107: Fix metadata error on Windows for backups using VSS
- Enh #5096: Allow prune --dry-run without lock
- Update to version 0.17.2
- Fix #4004: Support container-level SAS/SAT tokens for Azure
backend
- Fix #5047: Resolve potential error during concurrent cache
cleanup
- Fix #5050: Return error if tag fails to lock repository
- Fix #5057: Exclude irregular files from backups
- Fix #5063: Correctly backup extended metadata when using VSS on
Windows
- Update to version 0.17.1
- Fix #2004: Correctly handle volume names in backup command on
Windows
- Fix #4945: Include missing backup error text with --json
- Fix #4953: Correctly handle long paths on older Windows
versions
- Fix #4957: Fix delayed cancellation of certain commands
- Fix #4958: Don't ignore metadata-setting errors during restore
- Fix #4969: Correctly restore timestamp for files with resource
forks on macOS
- Fix #4975: Prevent backup --stdin-from-command from panicking
- Fix #4980: Skip extended attribute processing on unsupported
Windows volumes
- Fix #5004: Fix spurious 'A Required Privilege Is Not Held by
the Client' error
- Fix #5005: Fix rare failures to retry locking a repository
- Fix #5018: Improve HTTP/2 support for REST backend
- Chg #4953: Also back up files with incomplete metadata
- Enh #4795: Display progress bar for restore --verify
- Enh #4934: Automatically clear removed snapshots from cache
- Enh #4944: Print JSON-formatted errors during restore --json
- Enh #4959: Return exit code 12 for 'bad password' errors
- Enh #4970: Make timeout for stuck requests customizable
- Update to version 0.17.0
- Fix #3600: Handle unreadable xattrs in folders above backup
source
- Fix #4209: Fix slow SFTP upload performance
- Fix #4503: Correct hardlink handling in stats command
- Fix #4568: Prevent forget --keep-tags <invalid> from deleting
all snapshots
- Fix #4615: Make find not sometimes ignore directories
- Fix #4656: Properly report ID of newly added keys
- Fix #4703: Shutdown cleanly when receiving SIGTERM
- Fix #4709: Correct --no-lock handling of ls and tag commands
- Fix #4760: Fix possible error on concurrent cache cleanup
- Fix #4850: Handle UTF-16 password files in key command
correctly
- Fix #4902: Update snapshot summary on rewrite
- Chg #956: Return exit code 10 and 11 for non-existing and
locked repository
- Chg #4540: Require at least ARMv6 for ARM binaries
- Chg #4602: Deprecate legacy index format and s3legacy
repository layout
- Chg #4627: Redesign backend error handling to improve
reliability
- Chg #4707: Disable S3 anonymous authentication by default
- Chg #4744: Include full key ID in JSON output of key list
- Enh #662: Optionally skip snapshot creation if nothing changed
- Enh #693: Include snapshot size in snapshots output
- Enh #805: Add bitrot detection to diff command
- Enh #828: Improve features of the repair packs command
- Enh #1786: Support repositories with empty password
- Enh #2348: Add --delete option to restore command
- Enh #3067: Add extended options to configure Windows Shadow
Copy Service
- Enh #3406: Improve dump performance for large files
- Enh #3806: Optimize and make prune command resumable
- Enh #4006: (alpha) Store deviceID only for hardlinks
- Enh #4048: Add support for FUSE-T with mount on macOS
- Enh #4251: Support reading backup from a command's standard
output
- Enh #4287: Support connection to rest-server using unix socket
- Enh #4354: Significantly reduce prune memory usage
- Enh #4437: Make check command create non-existent cache
directory
- Enh #4472: Support AWS Assume Role for S3 backend
- Enh #4547: Add --json option to version command
- Enh #4549: Add --ncdu option to ls command
- Enh #4573: Support rewriting host and time metadata in
snapshots
- Enh #4583: Ignore s3.storage-class archive tiers for metadata
- Enh #4590: Speed up mount command's error detection
- Enh #4601: Add support for feature flags
- Enh #4611: Back up more file metadata on Windows
- Enh #4664: Make ls use message_type field in JSON output
- Enh #4676: Make key command's actions separate sub-commands
- Enh #4678: Add --target option to the dump command
- Enh #4708: Back up and restore SecurityDescriptors on Windows
- Enh #4733: Allow specifying --host via environment variable
- Enh #4737: Include snapshot ID in reason field of forget JSON
output
- Enh #4764: Support forgetting all snapshots
- Enh #4768: Allow specifying custom User-Agent for outgoing
requests
- Enh #4781: Add restore options to read include/exclude patterns
from files
- Enh #4807: Support Extended Attributes on Windows NTFS
- Enh #4817: Make overwrite behavior of restore customizable
- Enh #4839: Add dry-run support to restore command
for all the details see https://github.com/restic/restic/releases/tag/v0.17.0
or /usr/share/doc/packages/restic/CHANGELOG.md
- Update to version 0.16.5
- Enh #4799: Add option to force use of Azure CLI credential
- Enh #4873: Update dependencies
- Update to version 0.16.4
This release works around and improves detection of a bug in the
compression library used by restic. The resulting issue only
happens when using restic 0.16.3 and the max compression level
(the default auto and off compression levels are not affected),
and when the source files being backed up have specific data in
them to trigger the bug. If you use max compression, you can use
restic check --read-data to make sure you're not affected.
- Update to version 0.16.3
- Fix #4560: Improve errors for irregular files on Windows
- Fix #4574: Support backup of deduplicated files on Windows
again
- Fix #4612: Improve error handling for rclone backend
- Fix #4624: Correct restore progress information if an error
occurs
- Fix #4626: Improve reliability of restoring large files
- Update to version 0.16.2
- Fix #4540: Restore ARMv5 support for ARM binaries
- Fix #4545: Repair documentation build on Read the Docs
- Update to version 0.16.1
A very long list of improvements for all the details see
https://github.com/restic/restic/releases/tag/v0.16.1
It contains an important bug fix which prevents data corruption
when compression is set to max.
Patchnames
openSUSE-2025-91
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for restic", title: "Title of the patch", }, { category: "description", text: "This update for restic fixes the following issues:\n\n- Fixed CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (boo#1239264)\n\n- Update to version 0.17.3\n\n - Fix #4971: Fix unusable mount on macOS Sonoma\n - Fix #5003: Fix metadata errors during backup of removable disks\n on Windows\n - Fix #5101: Do not retry load/list operation if SFTP connection\n is broken\n - Fix #5107: Fix metadata error on Windows for backups using VSS\n - Enh #5096: Allow prune --dry-run without lock\n\n- Update to version 0.17.2\n\n - Fix #4004: Support container-level SAS/SAT tokens for Azure\n backend\n - Fix #5047: Resolve potential error during concurrent cache\n cleanup\n - Fix #5050: Return error if tag fails to lock repository\n - Fix #5057: Exclude irregular files from backups\n - Fix #5063: Correctly backup extended metadata when using VSS on\n Windows\n\n- Update to version 0.17.1\n\n - Fix #2004: Correctly handle volume names in backup command on\n Windows\n - Fix #4945: Include missing backup error text with --json\n - Fix #4953: Correctly handle long paths on older Windows\n versions\n - Fix #4957: Fix delayed cancellation of certain commands\n - Fix #4958: Don't ignore metadata-setting errors during restore\n - Fix #4969: Correctly restore timestamp for files with resource\n forks on macOS\n - Fix #4975: Prevent backup --stdin-from-command from panicking\n - Fix #4980: Skip extended attribute processing on unsupported\n Windows volumes\n - Fix #5004: Fix spurious 'A Required Privilege Is Not Held by\n the Client' error\n - Fix #5005: Fix rare failures to retry locking a repository\n - Fix #5018: Improve HTTP/2 support for REST backend\n - Chg #4953: Also back up files with incomplete metadata\n - Enh #4795: Display progress bar for restore --verify\n - Enh #4934: Automatically clear removed snapshots from cache\n - Enh #4944: Print JSON-formatted errors during restore --json\n - Enh #4959: Return exit code 12 for 'bad password' errors\n - Enh #4970: Make timeout for stuck requests customizable\n\n- Update to version 0.17.0\n\n - Fix #3600: Handle unreadable xattrs in folders above backup\n source\n - Fix #4209: Fix slow SFTP upload performance\n - Fix #4503: Correct hardlink handling in stats command\n - Fix #4568: Prevent forget --keep-tags <invalid> from deleting\n all snapshots\n - Fix #4615: Make find not sometimes ignore directories\n - Fix #4656: Properly report ID of newly added keys\n - Fix #4703: Shutdown cleanly when receiving SIGTERM\n - Fix #4709: Correct --no-lock handling of ls and tag commands\n - Fix #4760: Fix possible error on concurrent cache cleanup\n - Fix #4850: Handle UTF-16 password files in key command\n correctly\n - Fix #4902: Update snapshot summary on rewrite\n - Chg #956: Return exit code 10 and 11 for non-existing and\n locked repository\n - Chg #4540: Require at least ARMv6 for ARM binaries\n - Chg #4602: Deprecate legacy index format and s3legacy\n repository layout\n - Chg #4627: Redesign backend error handling to improve\n reliability\n - Chg #4707: Disable S3 anonymous authentication by default\n - Chg #4744: Include full key ID in JSON output of key list\n - Enh #662: Optionally skip snapshot creation if nothing changed\n - Enh #693: Include snapshot size in snapshots output\n - Enh #805: Add bitrot detection to diff command\n - Enh #828: Improve features of the repair packs command\n - Enh #1786: Support repositories with empty password\n - Enh #2348: Add --delete option to restore command\n - Enh #3067: Add extended options to configure Windows Shadow\n Copy Service\n - Enh #3406: Improve dump performance for large files\n - Enh #3806: Optimize and make prune command resumable\n - Enh #4006: (alpha) Store deviceID only for hardlinks\n - Enh #4048: Add support for FUSE-T with mount on macOS\n - Enh #4251: Support reading backup from a command's standard\n output\n - Enh #4287: Support connection to rest-server using unix socket\n - Enh #4354: Significantly reduce prune memory usage\n - Enh #4437: Make check command create non-existent cache\n directory\n - Enh #4472: Support AWS Assume Role for S3 backend\n - Enh #4547: Add --json option to version command\n - Enh #4549: Add --ncdu option to ls command\n - Enh #4573: Support rewriting host and time metadata in\n snapshots\n - Enh #4583: Ignore s3.storage-class archive tiers for metadata\n - Enh #4590: Speed up mount command's error detection\n - Enh #4601: Add support for feature flags\n - Enh #4611: Back up more file metadata on Windows\n - Enh #4664: Make ls use message_type field in JSON output\n - Enh #4676: Make key command's actions separate sub-commands\n - Enh #4678: Add --target option to the dump command\n - Enh #4708: Back up and restore SecurityDescriptors on Windows\n - Enh #4733: Allow specifying --host via environment variable\n - Enh #4737: Include snapshot ID in reason field of forget JSON\n output\n - Enh #4764: Support forgetting all snapshots\n - Enh #4768: Allow specifying custom User-Agent for outgoing\n requests\n - Enh #4781: Add restore options to read include/exclude patterns\n from files\n - Enh #4807: Support Extended Attributes on Windows NTFS\n - Enh #4817: Make overwrite behavior of restore customizable\n - Enh #4839: Add dry-run support to restore command\n for all the details see https://github.com/restic/restic/releases/tag/v0.17.0\n or /usr/share/doc/packages/restic/CHANGELOG.md\n\n- Update to version 0.16.5\n - Enh #4799: Add option to force use of Azure CLI credential\n - Enh #4873: Update dependencies\n\n- Update to version 0.16.4\n This release works around and improves detection of a bug in the\n compression library used by restic. The resulting issue only\n happens when using restic 0.16.3 and the max compression level\n (the default auto and off compression levels are not affected),\n and when the source files being backed up have specific data in\n them to trigger the bug. If you use max compression, you can use\n restic check --read-data to make sure you're not affected.\n\n- Update to version 0.16.3\n\n - Fix #4560: Improve errors for irregular files on Windows\n - Fix #4574: Support backup of deduplicated files on Windows\n again\n - Fix #4612: Improve error handling for rclone backend\n - Fix #4624: Correct restore progress information if an error\n occurs\n - Fix #4626: Improve reliability of restoring large files\n\n- Update to version 0.16.2\n\n - Fix #4540: Restore ARMv5 support for ARM binaries\n - Fix #4545: Repair documentation build on Read the Docs\n\n- Update to version 0.16.1\n\n A very long list of improvements for all the details see\n https://github.com/restic/restic/releases/tag/v0.16.1\n It contains an important bug fix which prevents data corruption\n when compression is set to max.\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2025-91", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_0091-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:0091-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3WXUOMZG43G5AZBMH5HY5IUTZ2CLZL6M/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:0091-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3WXUOMZG43G5AZBMH5HY5IUTZ2CLZL6M/", }, { category: "self", summary: "SUSE Bug 1239264", url: "https://bugzilla.suse.com/1239264", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "Security update for restic", tracking: { current_release_date: "2025-03-15T11:01:16Z", generator: { date: "2025-03-15T11:01:16Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:0091-1", initial_release_date: "2025-03-15T11:01:16Z", revision_history: [ { date: "2025-03-15T11:01:16Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "restic-0.17.3-bp156.2.3.1.aarch64", product: { name: "restic-0.17.3-bp156.2.3.1.aarch64", product_id: "restic-0.17.3-bp156.2.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "restic-0.17.3-bp156.2.3.1.i586", product: { name: "restic-0.17.3-bp156.2.3.1.i586", product_id: "restic-0.17.3-bp156.2.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "restic-bash-completion-0.17.3-bp156.2.3.1.noarch", product: { name: "restic-bash-completion-0.17.3-bp156.2.3.1.noarch", product_id: "restic-bash-completion-0.17.3-bp156.2.3.1.noarch", }, }, { category: "product_version", name: "restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", product: { name: "restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", product_id: "restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "restic-0.17.3-bp156.2.3.1.ppc64le", product: { name: "restic-0.17.3-bp156.2.3.1.ppc64le", product_id: "restic-0.17.3-bp156.2.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "restic-0.17.3-bp156.2.3.1.s390x", product: { name: "restic-0.17.3-bp156.2.3.1.s390x", product_id: "restic-0.17.3-bp156.2.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "restic-0.17.3-bp156.2.3.1.x86_64", product: { name: "restic-0.17.3-bp156.2.3.1.x86_64", product_id: "restic-0.17.3-bp156.2.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 15 SP6", product: { name: "SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6", }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.aarch64 as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.aarch64", }, product_reference: "restic-0.17.3-bp156.2.3.1.aarch64", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.i586 as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.i586", }, product_reference: "restic-0.17.3-bp156.2.3.1.i586", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.ppc64le as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.ppc64le", }, product_reference: "restic-0.17.3-bp156.2.3.1.ppc64le", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.s390x as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.s390x", }, product_reference: "restic-0.17.3-bp156.2.3.1.s390x", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.x86_64 as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.x86_64", }, product_reference: "restic-0.17.3-bp156.2.3.1.x86_64", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "restic-bash-completion-0.17.3-bp156.2.3.1.noarch as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:restic-bash-completion-0.17.3-bp156.2.3.1.noarch", }, product_reference: "restic-bash-completion-0.17.3-bp156.2.3.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "restic-zsh-completion-0.17.3-bp156.2.3.1.noarch as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", }, product_reference: "restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.aarch64", }, product_reference: "restic-0.17.3-bp156.2.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.i586 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.i586", }, product_reference: "restic-0.17.3-bp156.2.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.ppc64le", }, product_reference: "restic-0.17.3-bp156.2.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.s390x", }, product_reference: "restic-0.17.3-bp156.2.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-bp156.2.3.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.x86_64", }, product_reference: "restic-0.17.3-bp156.2.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "restic-bash-completion-0.17.3-bp156.2.3.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:restic-bash-completion-0.17.3-bp156.2.3.1.noarch", }, product_reference: "restic-bash-completion-0.17.3-bp156.2.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "restic-zsh-completion-0.17.3-bp156.2.3.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", }, product_reference: "restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.aarch64", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.i586", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.ppc64le", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.s390x", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.x86_64", "SUSE Package Hub 15 SP6:restic-bash-completion-0.17.3-bp156.2.3.1.noarch", "SUSE Package Hub 15 SP6:restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.aarch64", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.i586", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.ppc64le", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.s390x", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.x86_64", "openSUSE Leap 15.6:restic-bash-completion-0.17.3-bp156.2.3.1.noarch", "openSUSE Leap 15.6:restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.aarch64", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.i586", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.ppc64le", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.s390x", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.x86_64", "SUSE Package Hub 15 SP6:restic-bash-completion-0.17.3-bp156.2.3.1.noarch", "SUSE Package Hub 15 SP6:restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.aarch64", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.i586", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.ppc64le", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.s390x", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.x86_64", "openSUSE Leap 15.6:restic-bash-completion-0.17.3-bp156.2.3.1.noarch", "openSUSE Leap 15.6:restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.aarch64", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.i586", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.ppc64le", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.s390x", "SUSE Package Hub 15 SP6:restic-0.17.3-bp156.2.3.1.x86_64", "SUSE Package Hub 15 SP6:restic-bash-completion-0.17.3-bp156.2.3.1.noarch", "SUSE Package Hub 15 SP6:restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.aarch64", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.i586", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.ppc64le", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.s390x", "openSUSE Leap 15.6:restic-0.17.3-bp156.2.3.1.x86_64", "openSUSE Leap 15.6:restic-bash-completion-0.17.3-bp156.2.3.1.noarch", "openSUSE Leap 15.6:restic-zsh-completion-0.17.3-bp156.2.3.1.noarch", ], }, ], threats: [ { category: "impact", date: "2025-03-15T11:01:16Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
opensuse-su-2025:14868-1
Vulnerability from csaf_opensuse
Published
2025-03-11 00:00
Modified
2025-03-11 00:00
Summary
fake-gcs-server-1.52.2-1.1 on GA media
Notes
Title of the patch
fake-gcs-server-1.52.2-1.1 on GA media
Description of the patch
These are all security issues fixed in the fake-gcs-server-1.52.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14868
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "fake-gcs-server-1.52.2-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the fake-gcs-server-1.52.2-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14868", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14868-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14868-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LNQ27T4HTWIIJODQRGADXNKI7X2EGTL6/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14868-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LNQ27T4HTWIIJODQRGADXNKI7X2EGTL6/", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "fake-gcs-server-1.52.2-1.1 on GA media", tracking: { current_release_date: "2025-03-11T00:00:00Z", generator: { date: "2025-03-11T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14868-1", initial_release_date: "2025-03-11T00:00:00Z", revision_history: [ { date: "2025-03-11T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "fake-gcs-server-1.52.2-1.1.aarch64", product: { name: "fake-gcs-server-1.52.2-1.1.aarch64", product_id: "fake-gcs-server-1.52.2-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "fake-gcs-server-1.52.2-1.1.ppc64le", product: { name: "fake-gcs-server-1.52.2-1.1.ppc64le", product_id: "fake-gcs-server-1.52.2-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "fake-gcs-server-1.52.2-1.1.s390x", product: { name: "fake-gcs-server-1.52.2-1.1.s390x", product_id: "fake-gcs-server-1.52.2-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "fake-gcs-server-1.52.2-1.1.x86_64", product: { name: "fake-gcs-server-1.52.2-1.1.x86_64", product_id: "fake-gcs-server-1.52.2-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "fake-gcs-server-1.52.2-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.aarch64", }, product_reference: "fake-gcs-server-1.52.2-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "fake-gcs-server-1.52.2-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.ppc64le", }, product_reference: "fake-gcs-server-1.52.2-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "fake-gcs-server-1.52.2-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.s390x", }, product_reference: "fake-gcs-server-1.52.2-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "fake-gcs-server-1.52.2-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.x86_64", }, product_reference: "fake-gcs-server-1.52.2-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.aarch64", "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.ppc64le", "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.s390x", "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.aarch64", "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.ppc64le", "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.s390x", "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.aarch64", "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.ppc64le", "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.s390x", "openSUSE Tumbleweed:fake-gcs-server-1.52.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-11T00:00:00Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
opensuse-su-2025:14870-1
Vulnerability from csaf_opensuse
Published
2025-03-11 00:00
Modified
2025-03-11 00:00
Summary
google-osconfig-agent-20250115.01-3.1 on GA media
Notes
Title of the patch
google-osconfig-agent-20250115.01-3.1 on GA media
Description of the patch
These are all security issues fixed in the google-osconfig-agent-20250115.01-3.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14870
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "google-osconfig-agent-20250115.01-3.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the google-osconfig-agent-20250115.01-3.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14870", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14870-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14870-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/P2BVMS3UPZ5WY4VHA7P2XTPDJMOKLPXM/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14870-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/P2BVMS3UPZ5WY4VHA7P2XTPDJMOKLPXM/", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "google-osconfig-agent-20250115.01-3.1 on GA media", tracking: { current_release_date: "2025-03-11T00:00:00Z", generator: { date: "2025-03-11T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14870-1", initial_release_date: "2025-03-11T00:00:00Z", revision_history: [ { date: "2025-03-11T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-3.1.aarch64", product: { name: "google-osconfig-agent-20250115.01-3.1.aarch64", product_id: "google-osconfig-agent-20250115.01-3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-3.1.ppc64le", product: { name: "google-osconfig-agent-20250115.01-3.1.ppc64le", product_id: "google-osconfig-agent-20250115.01-3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-3.1.s390x", product: { name: "google-osconfig-agent-20250115.01-3.1.s390x", product_id: "google-osconfig-agent-20250115.01-3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-3.1.x86_64", product: { name: "google-osconfig-agent-20250115.01-3.1.x86_64", product_id: "google-osconfig-agent-20250115.01-3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-3.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.aarch64", }, product_reference: "google-osconfig-agent-20250115.01-3.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-3.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.ppc64le", }, product_reference: "google-osconfig-agent-20250115.01-3.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-3.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.s390x", }, product_reference: "google-osconfig-agent-20250115.01-3.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-3.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.x86_64", }, product_reference: "google-osconfig-agent-20250115.01-3.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.aarch64", "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.ppc64le", "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.s390x", "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.aarch64", "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.ppc64le", "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.s390x", "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.aarch64", "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.ppc64le", "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.s390x", "openSUSE Tumbleweed:google-osconfig-agent-20250115.01-3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-11T00:00:00Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
opensuse-su-2025:14905-1
Vulnerability from csaf_opensuse
Published
2025-03-18 00:00
Modified
2025-03-18 00:00
Summary
crane-0.20.3-2.1 on GA media
Notes
Title of the patch
crane-0.20.3-2.1 on GA media
Description of the patch
These are all security issues fixed in the crane-0.20.3-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14905
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "crane-0.20.3-2.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the crane-0.20.3-2.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14905", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14905-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14905-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WXSUXV2PEOLT2UD2VEZ6IZQTHDWIVZNI/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14905-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WXSUXV2PEOLT2UD2VEZ6IZQTHDWIVZNI/", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "crane-0.20.3-2.1 on GA media", tracking: { current_release_date: "2025-03-18T00:00:00Z", generator: { date: "2025-03-18T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14905-1", initial_release_date: "2025-03-18T00:00:00Z", revision_history: [ { date: "2025-03-18T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "crane-0.20.3-2.1.aarch64", product: { name: "crane-0.20.3-2.1.aarch64", product_id: "crane-0.20.3-2.1.aarch64", }, }, { category: "product_version", name: "crane-bash-completion-0.20.3-2.1.aarch64", product: { name: "crane-bash-completion-0.20.3-2.1.aarch64", product_id: "crane-bash-completion-0.20.3-2.1.aarch64", }, }, { category: "product_version", name: "crane-fish-completion-0.20.3-2.1.aarch64", product: { name: "crane-fish-completion-0.20.3-2.1.aarch64", product_id: "crane-fish-completion-0.20.3-2.1.aarch64", }, }, { category: "product_version", name: "crane-zsh-completion-0.20.3-2.1.aarch64", product: { name: "crane-zsh-completion-0.20.3-2.1.aarch64", product_id: "crane-zsh-completion-0.20.3-2.1.aarch64", }, }, { category: "product_version", name: "gcrane-0.20.3-2.1.aarch64", product: { name: "gcrane-0.20.3-2.1.aarch64", product_id: "gcrane-0.20.3-2.1.aarch64", }, }, { category: "product_version", name: "gcrane-bash-completion-0.20.3-2.1.aarch64", product: { name: "gcrane-bash-completion-0.20.3-2.1.aarch64", product_id: "gcrane-bash-completion-0.20.3-2.1.aarch64", }, }, { category: "product_version", name: "gcrane-fish-completion-0.20.3-2.1.aarch64", product: { name: "gcrane-fish-completion-0.20.3-2.1.aarch64", product_id: "gcrane-fish-completion-0.20.3-2.1.aarch64", }, }, { category: "product_version", name: "gcrane-zsh-completion-0.20.3-2.1.aarch64", product: { name: "gcrane-zsh-completion-0.20.3-2.1.aarch64", product_id: "gcrane-zsh-completion-0.20.3-2.1.aarch64", }, }, { category: "product_version", name: "go-containerregistry-0.20.3-2.1.aarch64", product: { name: "go-containerregistry-0.20.3-2.1.aarch64", product_id: "go-containerregistry-0.20.3-2.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "crane-0.20.3-2.1.ppc64le", product: { name: "crane-0.20.3-2.1.ppc64le", product_id: "crane-0.20.3-2.1.ppc64le", }, }, { category: "product_version", name: "crane-bash-completion-0.20.3-2.1.ppc64le", product: { name: "crane-bash-completion-0.20.3-2.1.ppc64le", product_id: "crane-bash-completion-0.20.3-2.1.ppc64le", }, }, { category: "product_version", name: "crane-fish-completion-0.20.3-2.1.ppc64le", product: { name: "crane-fish-completion-0.20.3-2.1.ppc64le", product_id: "crane-fish-completion-0.20.3-2.1.ppc64le", }, }, { category: "product_version", name: "crane-zsh-completion-0.20.3-2.1.ppc64le", product: { name: "crane-zsh-completion-0.20.3-2.1.ppc64le", product_id: "crane-zsh-completion-0.20.3-2.1.ppc64le", }, }, { category: "product_version", name: "gcrane-0.20.3-2.1.ppc64le", product: { name: "gcrane-0.20.3-2.1.ppc64le", product_id: "gcrane-0.20.3-2.1.ppc64le", }, }, { category: "product_version", name: "gcrane-bash-completion-0.20.3-2.1.ppc64le", product: { name: "gcrane-bash-completion-0.20.3-2.1.ppc64le", product_id: "gcrane-bash-completion-0.20.3-2.1.ppc64le", }, }, { category: "product_version", name: "gcrane-fish-completion-0.20.3-2.1.ppc64le", product: { name: "gcrane-fish-completion-0.20.3-2.1.ppc64le", product_id: "gcrane-fish-completion-0.20.3-2.1.ppc64le", }, }, { category: "product_version", name: "gcrane-zsh-completion-0.20.3-2.1.ppc64le", product: { name: "gcrane-zsh-completion-0.20.3-2.1.ppc64le", product_id: "gcrane-zsh-completion-0.20.3-2.1.ppc64le", }, }, { category: "product_version", name: "go-containerregistry-0.20.3-2.1.ppc64le", product: { name: "go-containerregistry-0.20.3-2.1.ppc64le", product_id: "go-containerregistry-0.20.3-2.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "crane-0.20.3-2.1.s390x", product: { name: "crane-0.20.3-2.1.s390x", product_id: "crane-0.20.3-2.1.s390x", }, }, { category: "product_version", name: "crane-bash-completion-0.20.3-2.1.s390x", product: { name: "crane-bash-completion-0.20.3-2.1.s390x", product_id: "crane-bash-completion-0.20.3-2.1.s390x", }, }, { category: "product_version", name: "crane-fish-completion-0.20.3-2.1.s390x", product: { name: "crane-fish-completion-0.20.3-2.1.s390x", product_id: "crane-fish-completion-0.20.3-2.1.s390x", }, }, { category: "product_version", name: "crane-zsh-completion-0.20.3-2.1.s390x", product: { name: "crane-zsh-completion-0.20.3-2.1.s390x", product_id: "crane-zsh-completion-0.20.3-2.1.s390x", }, }, { category: "product_version", name: "gcrane-0.20.3-2.1.s390x", product: { name: "gcrane-0.20.3-2.1.s390x", product_id: "gcrane-0.20.3-2.1.s390x", }, }, { category: "product_version", name: "gcrane-bash-completion-0.20.3-2.1.s390x", product: { name: "gcrane-bash-completion-0.20.3-2.1.s390x", product_id: "gcrane-bash-completion-0.20.3-2.1.s390x", }, }, { category: "product_version", name: "gcrane-fish-completion-0.20.3-2.1.s390x", product: { name: "gcrane-fish-completion-0.20.3-2.1.s390x", product_id: "gcrane-fish-completion-0.20.3-2.1.s390x", }, }, { category: "product_version", name: "gcrane-zsh-completion-0.20.3-2.1.s390x", product: { name: "gcrane-zsh-completion-0.20.3-2.1.s390x", product_id: "gcrane-zsh-completion-0.20.3-2.1.s390x", }, }, { category: "product_version", name: "go-containerregistry-0.20.3-2.1.s390x", product: { name: "go-containerregistry-0.20.3-2.1.s390x", product_id: "go-containerregistry-0.20.3-2.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "crane-0.20.3-2.1.x86_64", product: { name: "crane-0.20.3-2.1.x86_64", product_id: "crane-0.20.3-2.1.x86_64", }, }, { category: "product_version", name: "crane-bash-completion-0.20.3-2.1.x86_64", product: { name: "crane-bash-completion-0.20.3-2.1.x86_64", product_id: "crane-bash-completion-0.20.3-2.1.x86_64", }, }, { category: "product_version", name: "crane-fish-completion-0.20.3-2.1.x86_64", product: { name: "crane-fish-completion-0.20.3-2.1.x86_64", product_id: "crane-fish-completion-0.20.3-2.1.x86_64", }, }, { category: "product_version", name: "crane-zsh-completion-0.20.3-2.1.x86_64", product: { name: "crane-zsh-completion-0.20.3-2.1.x86_64", product_id: "crane-zsh-completion-0.20.3-2.1.x86_64", }, }, { category: "product_version", name: "gcrane-0.20.3-2.1.x86_64", product: { name: "gcrane-0.20.3-2.1.x86_64", product_id: "gcrane-0.20.3-2.1.x86_64", }, }, { category: "product_version", name: "gcrane-bash-completion-0.20.3-2.1.x86_64", product: { name: "gcrane-bash-completion-0.20.3-2.1.x86_64", product_id: "gcrane-bash-completion-0.20.3-2.1.x86_64", }, }, { category: "product_version", name: "gcrane-fish-completion-0.20.3-2.1.x86_64", product: { name: "gcrane-fish-completion-0.20.3-2.1.x86_64", product_id: "gcrane-fish-completion-0.20.3-2.1.x86_64", }, }, { category: "product_version", name: "gcrane-zsh-completion-0.20.3-2.1.x86_64", product: { name: "gcrane-zsh-completion-0.20.3-2.1.x86_64", product_id: "gcrane-zsh-completion-0.20.3-2.1.x86_64", }, }, { category: "product_version", name: "go-containerregistry-0.20.3-2.1.x86_64", product: { name: "go-containerregistry-0.20.3-2.1.x86_64", product_id: "go-containerregistry-0.20.3-2.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "crane-0.20.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-0.20.3-2.1.aarch64", }, product_reference: "crane-0.20.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-0.20.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-0.20.3-2.1.ppc64le", }, product_reference: "crane-0.20.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-0.20.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-0.20.3-2.1.s390x", }, product_reference: "crane-0.20.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-0.20.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-0.20.3-2.1.x86_64", }, product_reference: "crane-0.20.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-bash-completion-0.20.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.aarch64", }, product_reference: "crane-bash-completion-0.20.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-bash-completion-0.20.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.ppc64le", }, product_reference: "crane-bash-completion-0.20.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-bash-completion-0.20.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.s390x", }, product_reference: "crane-bash-completion-0.20.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-bash-completion-0.20.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.x86_64", }, product_reference: "crane-bash-completion-0.20.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-fish-completion-0.20.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.aarch64", }, product_reference: "crane-fish-completion-0.20.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-fish-completion-0.20.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.ppc64le", }, product_reference: "crane-fish-completion-0.20.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-fish-completion-0.20.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.s390x", }, product_reference: "crane-fish-completion-0.20.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-fish-completion-0.20.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.x86_64", }, product_reference: "crane-fish-completion-0.20.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-zsh-completion-0.20.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.aarch64", }, product_reference: "crane-zsh-completion-0.20.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-zsh-completion-0.20.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.ppc64le", }, product_reference: "crane-zsh-completion-0.20.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-zsh-completion-0.20.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.s390x", }, product_reference: "crane-zsh-completion-0.20.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "crane-zsh-completion-0.20.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.x86_64", }, product_reference: "crane-zsh-completion-0.20.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-0.20.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-0.20.3-2.1.aarch64", }, product_reference: "gcrane-0.20.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-0.20.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-0.20.3-2.1.ppc64le", }, product_reference: "gcrane-0.20.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-0.20.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-0.20.3-2.1.s390x", }, product_reference: "gcrane-0.20.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-0.20.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-0.20.3-2.1.x86_64", }, product_reference: "gcrane-0.20.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-bash-completion-0.20.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.aarch64", }, product_reference: "gcrane-bash-completion-0.20.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-bash-completion-0.20.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.ppc64le", }, product_reference: "gcrane-bash-completion-0.20.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-bash-completion-0.20.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.s390x", }, product_reference: "gcrane-bash-completion-0.20.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-bash-completion-0.20.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.x86_64", }, product_reference: "gcrane-bash-completion-0.20.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-fish-completion-0.20.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.aarch64", }, product_reference: "gcrane-fish-completion-0.20.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-fish-completion-0.20.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.ppc64le", }, product_reference: "gcrane-fish-completion-0.20.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-fish-completion-0.20.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.s390x", }, product_reference: "gcrane-fish-completion-0.20.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-fish-completion-0.20.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.x86_64", }, product_reference: "gcrane-fish-completion-0.20.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-zsh-completion-0.20.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.aarch64", }, product_reference: "gcrane-zsh-completion-0.20.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-zsh-completion-0.20.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.ppc64le", }, product_reference: "gcrane-zsh-completion-0.20.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-zsh-completion-0.20.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.s390x", }, product_reference: "gcrane-zsh-completion-0.20.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "gcrane-zsh-completion-0.20.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.x86_64", }, product_reference: "gcrane-zsh-completion-0.20.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "go-containerregistry-0.20.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.aarch64", }, product_reference: "go-containerregistry-0.20.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "go-containerregistry-0.20.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.ppc64le", }, product_reference: "go-containerregistry-0.20.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "go-containerregistry-0.20.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.s390x", }, product_reference: "go-containerregistry-0.20.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "go-containerregistry-0.20.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.x86_64", }, product_reference: "go-containerregistry-0.20.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:crane-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.s390x", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:crane-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.s390x", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:crane-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-bash-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-fish-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:crane-zsh-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-bash-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-fish-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.s390x", "openSUSE Tumbleweed:gcrane-zsh-completion-0.20.3-2.1.x86_64", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.aarch64", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.ppc64le", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.s390x", "openSUSE Tumbleweed:go-containerregistry-0.20.3-2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-18T00:00:00Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
opensuse-su-2025:14869-1
Vulnerability from csaf_opensuse
Published
2025-03-11 00:00
Modified
2025-03-11 00:00
Summary
google-guest-agent-20250116.00-3.1 on GA media
Notes
Title of the patch
google-guest-agent-20250116.00-3.1 on GA media
Description of the patch
These are all security issues fixed in the google-guest-agent-20250116.00-3.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14869
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "google-guest-agent-20250116.00-3.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the google-guest-agent-20250116.00-3.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14869", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14869-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14869-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AU4XP3W2PVBNVPQA4YEB63MRXXOHFOUY/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14869-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AU4XP3W2PVBNVPQA4YEB63MRXXOHFOUY/", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "google-guest-agent-20250116.00-3.1 on GA media", tracking: { current_release_date: "2025-03-11T00:00:00Z", generator: { date: "2025-03-11T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14869-1", initial_release_date: "2025-03-11T00:00:00Z", revision_history: [ { date: "2025-03-11T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-3.1.aarch64", product: { name: "google-guest-agent-20250116.00-3.1.aarch64", product_id: "google-guest-agent-20250116.00-3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-3.1.ppc64le", product: { name: "google-guest-agent-20250116.00-3.1.ppc64le", product_id: "google-guest-agent-20250116.00-3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-3.1.s390x", product: { name: "google-guest-agent-20250116.00-3.1.s390x", product_id: "google-guest-agent-20250116.00-3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-3.1.x86_64", product: { name: "google-guest-agent-20250116.00-3.1.x86_64", product_id: "google-guest-agent-20250116.00-3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-3.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.aarch64", }, product_reference: "google-guest-agent-20250116.00-3.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-3.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.ppc64le", }, product_reference: "google-guest-agent-20250116.00-3.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-3.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.s390x", }, product_reference: "google-guest-agent-20250116.00-3.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-3.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.x86_64", }, product_reference: "google-guest-agent-20250116.00-3.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.aarch64", "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.ppc64le", "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.s390x", "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.aarch64", "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.ppc64le", "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.s390x", "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.aarch64", "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.ppc64le", "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.s390x", "openSUSE Tumbleweed:google-guest-agent-20250116.00-3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-11T00:00:00Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
opensuse-su-2025:14839-1
Vulnerability from csaf_opensuse
Published
2025-02-26 00:00
Modified
2025-02-26 00:00
Summary
teleport-17.2.9-1.1 on GA media
Notes
Title of the patch
teleport-17.2.9-1.1 on GA media
Description of the patch
These are all security issues fixed in the teleport-17.2.9-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14839
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "teleport-17.2.9-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the teleport-17.2.9-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14839", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14839-1.json", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, { category: "self", summary: "SUSE CVE CVE-2025-22869 page", url: "https://www.suse.com/security/cve/CVE-2025-22869/", }, { category: "self", summary: "SUSE CVE CVE-2025-27144 page", url: "https://www.suse.com/security/cve/CVE-2025-27144/", }, ], title: "teleport-17.2.9-1.1 on GA media", tracking: { current_release_date: "2025-02-26T00:00:00Z", generator: { date: "2025-02-26T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14839-1", initial_release_date: "2025-02-26T00:00:00Z", revision_history: [ { date: "2025-02-26T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "teleport-17.2.9-1.1.aarch64", product: { name: "teleport-17.2.9-1.1.aarch64", product_id: "teleport-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-bash-completion-17.2.9-1.1.aarch64", product: { name: "teleport-bash-completion-17.2.9-1.1.aarch64", product_id: "teleport-bash-completion-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-fdpass-teleport-17.2.9-1.1.aarch64", product: { name: "teleport-fdpass-teleport-17.2.9-1.1.aarch64", product_id: "teleport-fdpass-teleport-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-tbot-17.2.9-1.1.aarch64", product: { name: "teleport-tbot-17.2.9-1.1.aarch64", product_id: "teleport-tbot-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-tbot-bash-completion-17.2.9-1.1.aarch64", product: { name: "teleport-tbot-bash-completion-17.2.9-1.1.aarch64", product_id: "teleport-tbot-bash-completion-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", product: { name: "teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", product_id: "teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-tctl-17.2.9-1.1.aarch64", product: { name: "teleport-tctl-17.2.9-1.1.aarch64", product_id: "teleport-tctl-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-tctl-bash-completion-17.2.9-1.1.aarch64", product: { name: "teleport-tctl-bash-completion-17.2.9-1.1.aarch64", product_id: "teleport-tctl-bash-completion-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", product: { name: "teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", product_id: "teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-tsh-17.2.9-1.1.aarch64", product: { name: "teleport-tsh-17.2.9-1.1.aarch64", product_id: "teleport-tsh-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-tsh-bash-completion-17.2.9-1.1.aarch64", product: { name: "teleport-tsh-bash-completion-17.2.9-1.1.aarch64", product_id: "teleport-tsh-bash-completion-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", product: { name: "teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", product_id: "teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", }, }, { category: "product_version", name: "teleport-zsh-completion-17.2.9-1.1.aarch64", product: { name: "teleport-zsh-completion-17.2.9-1.1.aarch64", product_id: "teleport-zsh-completion-17.2.9-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "teleport-17.2.9-1.1.ppc64le", product: { name: "teleport-17.2.9-1.1.ppc64le", product_id: "teleport-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-bash-completion-17.2.9-1.1.ppc64le", product: { name: "teleport-bash-completion-17.2.9-1.1.ppc64le", product_id: "teleport-bash-completion-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-fdpass-teleport-17.2.9-1.1.ppc64le", product: { name: "teleport-fdpass-teleport-17.2.9-1.1.ppc64le", product_id: "teleport-fdpass-teleport-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-tbot-17.2.9-1.1.ppc64le", product: { name: "teleport-tbot-17.2.9-1.1.ppc64le", product_id: "teleport-tbot-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", product: { name: "teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", product_id: "teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", product: { name: "teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", product_id: "teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-tctl-17.2.9-1.1.ppc64le", product: { name: "teleport-tctl-17.2.9-1.1.ppc64le", product_id: "teleport-tctl-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", product: { name: "teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", product_id: "teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", product: { name: "teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", product_id: "teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-tsh-17.2.9-1.1.ppc64le", product: { name: "teleport-tsh-17.2.9-1.1.ppc64le", product_id: "teleport-tsh-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", product: { name: "teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", product_id: "teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", product: { name: "teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", product_id: "teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", }, }, { category: "product_version", name: "teleport-zsh-completion-17.2.9-1.1.ppc64le", product: { name: "teleport-zsh-completion-17.2.9-1.1.ppc64le", product_id: "teleport-zsh-completion-17.2.9-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "teleport-17.2.9-1.1.s390x", product: { name: "teleport-17.2.9-1.1.s390x", product_id: "teleport-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-bash-completion-17.2.9-1.1.s390x", product: { name: "teleport-bash-completion-17.2.9-1.1.s390x", product_id: "teleport-bash-completion-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-fdpass-teleport-17.2.9-1.1.s390x", product: { name: "teleport-fdpass-teleport-17.2.9-1.1.s390x", product_id: "teleport-fdpass-teleport-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-tbot-17.2.9-1.1.s390x", product: { name: "teleport-tbot-17.2.9-1.1.s390x", product_id: "teleport-tbot-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-tbot-bash-completion-17.2.9-1.1.s390x", product: { name: "teleport-tbot-bash-completion-17.2.9-1.1.s390x", product_id: "teleport-tbot-bash-completion-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-tbot-zsh-completion-17.2.9-1.1.s390x", product: { name: "teleport-tbot-zsh-completion-17.2.9-1.1.s390x", product_id: "teleport-tbot-zsh-completion-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-tctl-17.2.9-1.1.s390x", product: { name: "teleport-tctl-17.2.9-1.1.s390x", product_id: "teleport-tctl-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-tctl-bash-completion-17.2.9-1.1.s390x", product: { name: "teleport-tctl-bash-completion-17.2.9-1.1.s390x", product_id: "teleport-tctl-bash-completion-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-tctl-zsh-completion-17.2.9-1.1.s390x", product: { name: "teleport-tctl-zsh-completion-17.2.9-1.1.s390x", product_id: "teleport-tctl-zsh-completion-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-tsh-17.2.9-1.1.s390x", product: { name: "teleport-tsh-17.2.9-1.1.s390x", product_id: "teleport-tsh-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-tsh-bash-completion-17.2.9-1.1.s390x", product: { name: "teleport-tsh-bash-completion-17.2.9-1.1.s390x", product_id: "teleport-tsh-bash-completion-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-tsh-zsh-completion-17.2.9-1.1.s390x", product: { name: "teleport-tsh-zsh-completion-17.2.9-1.1.s390x", product_id: "teleport-tsh-zsh-completion-17.2.9-1.1.s390x", }, }, { category: "product_version", name: "teleport-zsh-completion-17.2.9-1.1.s390x", product: { name: "teleport-zsh-completion-17.2.9-1.1.s390x", product_id: "teleport-zsh-completion-17.2.9-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "teleport-17.2.9-1.1.x86_64", product: { name: "teleport-17.2.9-1.1.x86_64", product_id: "teleport-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-bash-completion-17.2.9-1.1.x86_64", product: { name: "teleport-bash-completion-17.2.9-1.1.x86_64", product_id: "teleport-bash-completion-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-fdpass-teleport-17.2.9-1.1.x86_64", product: { name: "teleport-fdpass-teleport-17.2.9-1.1.x86_64", product_id: "teleport-fdpass-teleport-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-tbot-17.2.9-1.1.x86_64", product: { name: "teleport-tbot-17.2.9-1.1.x86_64", product_id: "teleport-tbot-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-tbot-bash-completion-17.2.9-1.1.x86_64", product: { name: "teleport-tbot-bash-completion-17.2.9-1.1.x86_64", product_id: "teleport-tbot-bash-completion-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", product: { name: "teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", product_id: "teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-tctl-17.2.9-1.1.x86_64", product: { name: "teleport-tctl-17.2.9-1.1.x86_64", product_id: "teleport-tctl-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-tctl-bash-completion-17.2.9-1.1.x86_64", product: { name: "teleport-tctl-bash-completion-17.2.9-1.1.x86_64", product_id: "teleport-tctl-bash-completion-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", product: { name: "teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", product_id: "teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-tsh-17.2.9-1.1.x86_64", product: { name: "teleport-tsh-17.2.9-1.1.x86_64", product_id: "teleport-tsh-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-tsh-bash-completion-17.2.9-1.1.x86_64", product: { name: "teleport-tsh-bash-completion-17.2.9-1.1.x86_64", product_id: "teleport-tsh-bash-completion-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", product: { name: "teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", product_id: "teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", }, }, { category: "product_version", name: "teleport-zsh-completion-17.2.9-1.1.x86_64", product: { name: "teleport-zsh-completion-17.2.9-1.1.x86_64", product_id: "teleport-zsh-completion-17.2.9-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "teleport-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", }, product_reference: "teleport-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", }, product_reference: "teleport-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", }, product_reference: "teleport-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", }, product_reference: "teleport-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-bash-completion-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", }, product_reference: "teleport-bash-completion-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-bash-completion-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", }, product_reference: "teleport-bash-completion-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-bash-completion-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", }, product_reference: "teleport-bash-completion-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-bash-completion-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", }, product_reference: "teleport-bash-completion-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-fdpass-teleport-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", }, product_reference: "teleport-fdpass-teleport-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-fdpass-teleport-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", }, product_reference: "teleport-fdpass-teleport-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-fdpass-teleport-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", }, product_reference: "teleport-fdpass-teleport-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-fdpass-teleport-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", }, product_reference: "teleport-fdpass-teleport-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", }, product_reference: "teleport-tbot-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", }, product_reference: "teleport-tbot-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", }, product_reference: "teleport-tbot-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", }, product_reference: "teleport-tbot-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-bash-completion-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", }, product_reference: "teleport-tbot-bash-completion-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-bash-completion-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", }, product_reference: "teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-bash-completion-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", }, product_reference: "teleport-tbot-bash-completion-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-bash-completion-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", }, product_reference: "teleport-tbot-bash-completion-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-zsh-completion-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", }, product_reference: "teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", }, product_reference: "teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-zsh-completion-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", }, product_reference: "teleport-tbot-zsh-completion-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tbot-zsh-completion-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", }, product_reference: "teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", }, product_reference: "teleport-tctl-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", }, product_reference: "teleport-tctl-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", }, product_reference: "teleport-tctl-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", }, product_reference: "teleport-tctl-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-bash-completion-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", }, product_reference: "teleport-tctl-bash-completion-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-bash-completion-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", }, product_reference: "teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-bash-completion-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", }, product_reference: "teleport-tctl-bash-completion-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-bash-completion-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", }, product_reference: "teleport-tctl-bash-completion-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-zsh-completion-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", }, product_reference: "teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", }, product_reference: "teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-zsh-completion-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", }, product_reference: "teleport-tctl-zsh-completion-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tctl-zsh-completion-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", }, product_reference: "teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", }, product_reference: "teleport-tsh-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", }, product_reference: "teleport-tsh-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", }, product_reference: "teleport-tsh-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", }, product_reference: "teleport-tsh-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-bash-completion-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", }, product_reference: "teleport-tsh-bash-completion-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-bash-completion-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", }, product_reference: "teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-bash-completion-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", }, product_reference: "teleport-tsh-bash-completion-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-bash-completion-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", }, product_reference: "teleport-tsh-bash-completion-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-zsh-completion-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", }, product_reference: "teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", }, product_reference: "teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-zsh-completion-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", }, product_reference: "teleport-tsh-zsh-completion-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-tsh-zsh-completion-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", }, product_reference: "teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-zsh-completion-17.2.9-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", }, product_reference: "teleport-zsh-completion-17.2.9-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-zsh-completion-17.2.9-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", }, product_reference: "teleport-zsh-completion-17.2.9-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-zsh-completion-17.2.9-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", }, product_reference: "teleport-zsh-completion-17.2.9-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "teleport-zsh-completion-17.2.9-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", }, product_reference: "teleport-zsh-completion-17.2.9-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-02-26T00:00:00Z", details: "important", }, ], title: "CVE-2025-22868", }, { cve: "CVE-2025-22869", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22869", }, ], notes: [ { category: "general", text: "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22869", url: "https://www.suse.com/security/cve/CVE-2025-22869", }, { category: "external", summary: "SUSE Bug 1239322 for CVE-2025-22869", url: "https://bugzilla.suse.com/1239322", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-02-26T00:00:00Z", details: "important", }, ], title: "CVE-2025-22869", }, { cve: "CVE-2025-27144", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27144", }, ], notes: [ { category: "general", text: "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27144", url: "https://www.suse.com/security/cve/CVE-2025-27144", }, { category: "external", summary: "SUSE Bug 1237608 for CVE-2025-27144", url: "https://bugzilla.suse.com/1237608", }, { category: "external", summary: "SUSE Bug 1237609 for CVE-2025-27144", url: "https://bugzilla.suse.com/1237609", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-fdpass-teleport-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.2.9-1.1.x86_64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.aarch64", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.ppc64le", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.s390x", "openSUSE Tumbleweed:teleport-zsh-completion-17.2.9-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-02-26T00:00:00Z", details: "important", }, ], title: "CVE-2025-27144", }, ], }
opensuse-su-2025:14923-1
Vulnerability from csaf_opensuse
Published
2025-03-25 00:00
Modified
2025-03-25 00:00
Summary
docker-stable-24.0.9_ce-8.1 on GA media
Notes
Title of the patch
docker-stable-24.0.9_ce-8.1 on GA media
Description of the patch
These are all security issues fixed in the docker-stable-24.0.9_ce-8.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14923
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "docker-stable-24.0.9_ce-8.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the docker-stable-24.0.9_ce-8.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14923", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14923-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14923-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IKWQ6ES2RHURE5QOZDDNTWPTMPKEXYXM/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14923-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/IKWQ6ES2RHURE5QOZDDNTWPTMPKEXYXM/", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, { category: "self", summary: "SUSE CVE CVE-2025-22869 page", url: "https://www.suse.com/security/cve/CVE-2025-22869/", }, ], title: "docker-stable-24.0.9_ce-8.1 on GA media", tracking: { current_release_date: "2025-03-25T00:00:00Z", generator: { date: "2025-03-25T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14923-1", initial_release_date: "2025-03-25T00:00:00Z", revision_history: [ { date: "2025-03-25T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "docker-stable-24.0.9_ce-8.1.aarch64", product: { name: "docker-stable-24.0.9_ce-8.1.aarch64", product_id: "docker-stable-24.0.9_ce-8.1.aarch64", }, }, { category: "product_version", name: "docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", product: { name: "docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", product_id: "docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", }, }, { category: "product_version", name: "docker-stable-buildx-0.19.3-8.1.aarch64", product: { name: "docker-stable-buildx-0.19.3-8.1.aarch64", product_id: "docker-stable-buildx-0.19.3-8.1.aarch64", }, }, { category: "product_version", name: "docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", product: { name: "docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", product_id: "docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", }, }, { category: "product_version", name: "docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", product: { name: "docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", product_id: "docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", }, }, { category: "product_version", name: "docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", product: { name: "docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", product_id: "docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "docker-stable-24.0.9_ce-8.1.ppc64le", product: { name: "docker-stable-24.0.9_ce-8.1.ppc64le", product_id: "docker-stable-24.0.9_ce-8.1.ppc64le", }, }, { category: "product_version", name: "docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", product: { name: "docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", product_id: "docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", }, }, { category: "product_version", name: "docker-stable-buildx-0.19.3-8.1.ppc64le", product: { name: "docker-stable-buildx-0.19.3-8.1.ppc64le", product_id: "docker-stable-buildx-0.19.3-8.1.ppc64le", }, }, { category: "product_version", name: "docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", product: { name: "docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", product_id: "docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", }, }, { category: "product_version", name: "docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", product: { name: "docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", product_id: "docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", }, }, { category: "product_version", name: "docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", product: { name: "docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", product_id: "docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "docker-stable-24.0.9_ce-8.1.s390x", product: { name: "docker-stable-24.0.9_ce-8.1.s390x", product_id: "docker-stable-24.0.9_ce-8.1.s390x", }, }, { category: "product_version", name: "docker-stable-bash-completion-24.0.9_ce-8.1.s390x", product: { name: "docker-stable-bash-completion-24.0.9_ce-8.1.s390x", product_id: "docker-stable-bash-completion-24.0.9_ce-8.1.s390x", }, }, { category: "product_version", name: "docker-stable-buildx-0.19.3-8.1.s390x", product: { name: "docker-stable-buildx-0.19.3-8.1.s390x", product_id: "docker-stable-buildx-0.19.3-8.1.s390x", }, }, { category: "product_version", name: "docker-stable-fish-completion-24.0.9_ce-8.1.s390x", product: { name: "docker-stable-fish-completion-24.0.9_ce-8.1.s390x", product_id: "docker-stable-fish-completion-24.0.9_ce-8.1.s390x", }, }, { category: "product_version", name: "docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", product: { name: "docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", product_id: "docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", }, }, { category: "product_version", name: "docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", product: { name: "docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", product_id: "docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "docker-stable-24.0.9_ce-8.1.x86_64", product: { name: "docker-stable-24.0.9_ce-8.1.x86_64", product_id: "docker-stable-24.0.9_ce-8.1.x86_64", }, }, { category: "product_version", name: "docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", product: { name: "docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", product_id: "docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", }, }, { category: "product_version", name: "docker-stable-buildx-0.19.3-8.1.x86_64", product: { name: "docker-stable-buildx-0.19.3-8.1.x86_64", product_id: "docker-stable-buildx-0.19.3-8.1.x86_64", }, }, { category: "product_version", name: "docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", product: { name: "docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", product_id: "docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", }, }, { category: "product_version", name: "docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", product: { name: "docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", product_id: "docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", }, }, { category: "product_version", name: "docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", product: { name: "docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", product_id: "docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "docker-stable-24.0.9_ce-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.aarch64", }, product_reference: "docker-stable-24.0.9_ce-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-24.0.9_ce-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.ppc64le", }, product_reference: "docker-stable-24.0.9_ce-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-24.0.9_ce-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.s390x", }, product_reference: "docker-stable-24.0.9_ce-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-24.0.9_ce-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.x86_64", }, product_reference: "docker-stable-24.0.9_ce-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-bash-completion-24.0.9_ce-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", }, product_reference: "docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", }, product_reference: "docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-bash-completion-24.0.9_ce-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.s390x", }, product_reference: "docker-stable-bash-completion-24.0.9_ce-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-bash-completion-24.0.9_ce-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", }, product_reference: "docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-buildx-0.19.3-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.aarch64", }, product_reference: "docker-stable-buildx-0.19.3-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-buildx-0.19.3-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.ppc64le", }, product_reference: "docker-stable-buildx-0.19.3-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-buildx-0.19.3-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.s390x", }, product_reference: "docker-stable-buildx-0.19.3-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-buildx-0.19.3-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.x86_64", }, product_reference: "docker-stable-buildx-0.19.3-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-fish-completion-24.0.9_ce-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", }, product_reference: "docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", }, product_reference: "docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-fish-completion-24.0.9_ce-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.s390x", }, product_reference: "docker-stable-fish-completion-24.0.9_ce-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-fish-completion-24.0.9_ce-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", }, product_reference: "docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", }, product_reference: "docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", }, product_reference: "docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-rootless-extras-24.0.9_ce-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", }, product_reference: "docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", }, product_reference: "docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", }, product_reference: "docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", }, product_reference: "docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-zsh-completion-24.0.9_ce-8.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", }, product_reference: "docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", }, product_reference: "docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.s390x", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.s390x", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.s390x", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-25T00:00:00Z", details: "important", }, ], title: "CVE-2025-22868", }, { cve: "CVE-2025-22869", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22869", }, ], notes: [ { category: "general", text: "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.s390x", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22869", url: "https://www.suse.com/security/cve/CVE-2025-22869", }, { category: "external", summary: "SUSE Bug 1239322 for CVE-2025-22869", url: "https://bugzilla.suse.com/1239322", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.s390x", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.s390x", "openSUSE Tumbleweed:docker-stable-buildx-0.19.3-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-8.1.x86_64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.aarch64", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.ppc64le", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.s390x", "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-8.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-25T00:00:00Z", details: "important", }, ], title: "CVE-2025-22869", }, ], }
opensuse-su-2025:0103-1
Vulnerability from csaf_opensuse
Published
2025-03-24 17:01
Modified
2025-03-24 17:01
Summary
Security update for cadvisor
Notes
Title of the patch
Security update for cadvisor
Description of the patch
This update for cadvisor fixes the following issues:
- update to 0.52.1:
* Make resctrl optional/pluggable
- update to 0.52.0:
* bump containerd related deps: api v1.8.0; errdefs v1.0.0; ttrpc v1.2.6
* chore: Update Prometheus libraries
* bump runc to v1.2.4
* Add Pressure Stall Information Metrics
* Switch to opencontainers/cgroups repository (includes update
from golang 1.22 to 1.24)
* Bump to newer opencontainers/image-spec @ v1.1.1
- update to 0.49.2:
* Cp fix test
* Revert 'reduce_logs_for_kubelet_use_crio'
- CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (boo#1239291)
- Update to version 0.49.1:
* build docker - add --provenance=false flag
* Remove s390x support
* Disable libipmctl in build
* Ugrade base image to 1.22 and alpine 3.18
* fix type of C.malloc in cgo
* Bump runc to v1.1.12
* Bump to bullseye
* Remove section about canary image
* Add note about WebUI auth
* Remove mentions of accelerator from the docs
* reduce_logs_for_kubelet_use_crio
* upgrade actions/checkout and actions/setup-go and actions/upload-artifact
* build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /cmd
* add cadvisor and crio upstream changes
* Avoid using container/podman in manager.go
* container: skip checking for files in non-existent directories.
* Adjust the log level of Initialize Plugins
* add ignored device
* fix: variable naming
* build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 in /cmd
* manager: require higher verbosity level for container info misses
* Information should be logged on increased verbosity only
* Running do mod tidy
* Running go mod tidy
* Running go mod tidy
* container/libcontainer: Improve limits file parsing perf
* container/libcontainer: Add limit parsing benchmark
* build(deps): bump github.com/cyphar/filepath-securejoin in /cmd
* build(deps): bump github.com/cyphar/filepath-securejoin
* Set verbosity after flag definition
* fix: error message typo
* vendor: bump runc to 1.1.9
* Switch to use busybox from registry.k8s.io
* Bump golang ci lint to v1.54.1
* Bump github.com/docker/docker in /cmd
* Bump github.com/docker/docker
* Bump github.com/docker/distribution in /cmd
* Bump github.com/docker/distribution
* Update genproto dependency to isolated submodule
* remove the check for the existence of NFS files, which will cause unnecessary requests.
* reduce inotify watch
* fix performance degradation of NFS
* fix: fix type issue
* fix: fix cgo memory leak
* ft: export memory kernel usage
* sysinfo: Ignore 'hidden' sysfs device entries
* Increasing required verbosity level
* Patch to fix issue 2341
* podman support: Enable Podman support.
* podman support: Create Podman handler.
* podman support: Changes in Docker handler.
* unit test: machine_swap_bytes
* Add documentation for machine_swap_bytes metric
* Add a machine_swap_bytes metric
* fix: add space trimming for label allowlist
* Upgrade to blang/semver/v4 v4.0.0
* docs(deploy/k8s): remote build for kustomize
* Update dependencies
* Change filepaths to detect online CPUs
* Update actions/checkout to v3
* Fix flags typo
* Updating location of kubernetes/pause image
* Using t.TempDir() in tests
* Unit test: MachineInfo Clone() method
* Bugfix: MachineInfo Clone() - clone SwapCapacity
* Optimize network metrics collection
* Removing calls to deprecates io/ioutil package
* Updating minimum Go version to 1.19
* Request the pid of another container if current pid is not longer valid
* Restructure
* Add CRI-O client timeout setting
* Set containerd grpc.MaxCallRecvMsgSize to 16MB
* Fix asset build
* feat(logging): add verbosity to non-NUMA node warning
* add nerdctl to ignoredDevices
* nvm: Change the 'no NVM devices' log.
* nvm: Fix typo.
* Fix CVE-2022-27664 (#3248)
* resctrl: Reduce size and mode files check (#3264)
* readme: Update Creatone contributor info. (#3265)
* Fix comment to refer to correct client
* build: bump golang to 1.20
* ci: Update golang ci-lint to v1.51.2
* build: Update shebang to python3
* Revert 'dockerfile: Fix typo in go build tags.'
* Decreasing verbosity level for 'Cannot read vendor id correctly, set empty'
* dockerfile: Fix typo in go build tags.
* deps: Move from cloud.google.com/go/compute -> cloud.google.com/go
* use memory.min for reservation memory instead of high
* Mark GOPATH as git safe.directory to fix CI build
* switch to gomodule/redigo from garyburd/redigo
* update go.mod/sum both in root and cmd/
* Drop accelerator metrics and nvidia integration
* Add s390x support for docker image
* typo in MachineInfo spec for SwapCapacity
* add support for swap in machine/info
Patchnames
openSUSE-2025-103
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for cadvisor", title: "Title of the patch", }, { category: "description", text: "This update for cadvisor fixes the following issues:\n\n- update to 0.52.1:\n\n * Make resctrl optional/pluggable\n\n- update to 0.52.0:\n\n * bump containerd related deps: api v1.8.0; errdefs v1.0.0; ttrpc v1.2.6\n * chore: Update Prometheus libraries\n * bump runc to v1.2.4\n * Add Pressure Stall Information Metrics\n * Switch to opencontainers/cgroups repository (includes update\n from golang 1.22 to 1.24)\n * Bump to newer opencontainers/image-spec @ v1.1.1\n\n- update to 0.49.2:\n\n * Cp fix test\n * Revert 'reduce_logs_for_kubelet_use_crio'\n\n - CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 (boo#1239291)\n\n- Update to version 0.49.1:\n\n * build docker - add --provenance=false flag\n * Remove s390x support\n * Disable libipmctl in build\n * Ugrade base image to 1.22 and alpine 3.18\n * fix type of C.malloc in cgo\n * Bump runc to v1.1.12\n * Bump to bullseye\n * Remove section about canary image\n * Add note about WebUI auth\n * Remove mentions of accelerator from the docs\n * reduce_logs_for_kubelet_use_crio\n * upgrade actions/checkout and actions/setup-go and actions/upload-artifact\n * build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 in /cmd\n * add cadvisor and crio upstream changes\n * Avoid using container/podman in manager.go\n * container: skip checking for files in non-existent directories.\n * Adjust the log level of Initialize Plugins\n * add ignored device\n * fix: variable naming\n * build(deps): bump golang.org/x/net from 0.10.0 to 0.17.0 in /cmd\n * manager: require higher verbosity level for container info misses\n * Information should be logged on increased verbosity only\n * Running do mod tidy\n * Running go mod tidy\n * Running go mod tidy\n * container/libcontainer: Improve limits file parsing perf\n * container/libcontainer: Add limit parsing benchmark\n * build(deps): bump github.com/cyphar/filepath-securejoin in /cmd\n * build(deps): bump github.com/cyphar/filepath-securejoin\n * Set verbosity after flag definition\n * fix: error message typo\n * vendor: bump runc to 1.1.9\n * Switch to use busybox from registry.k8s.io\n * Bump golang ci lint to v1.54.1\n * Bump github.com/docker/docker in /cmd\n * Bump github.com/docker/docker\n * Bump github.com/docker/distribution in /cmd\n * Bump github.com/docker/distribution\n * Update genproto dependency to isolated submodule\n * remove the check for the existence of NFS files, which will cause unnecessary requests.\n * reduce inotify watch\n * fix performance degradation of NFS\n * fix: fix type issue\n * fix: fix cgo memory leak\n * ft: export memory kernel usage\n * sysinfo: Ignore 'hidden' sysfs device entries\n * Increasing required verbosity level\n * Patch to fix issue 2341\n * podman support: Enable Podman support.\n * podman support: Create Podman handler.\n * podman support: Changes in Docker handler.\n * unit test: machine_swap_bytes\n * Add documentation for machine_swap_bytes metric\n * Add a machine_swap_bytes metric\n * fix: add space trimming for label allowlist\n * Upgrade to blang/semver/v4 v4.0.0\n * docs(deploy/k8s): remote build for kustomize\n * Update dependencies\n * Change filepaths to detect online CPUs\n * Update actions/checkout to v3\n * Fix flags typo\n * Updating location of kubernetes/pause image\n * Using t.TempDir() in tests\n * Unit test: MachineInfo Clone() method\n * Bugfix: MachineInfo Clone() - clone SwapCapacity\n * Optimize network metrics collection\n * Removing calls to deprecates io/ioutil package\n * Updating minimum Go version to 1.19\n * Request the pid of another container if current pid is not longer valid\n * Restructure\n * Add CRI-O client timeout setting\n * Set containerd grpc.MaxCallRecvMsgSize to 16MB\n * Fix asset build\n * feat(logging): add verbosity to non-NUMA node warning\n * add nerdctl to ignoredDevices\n * nvm: Change the 'no NVM devices' log.\n * nvm: Fix typo.\n * Fix CVE-2022-27664 (#3248)\n * resctrl: Reduce size and mode files check (#3264)\n * readme: Update Creatone contributor info. (#3265)\n * Fix comment to refer to correct client\n * build: bump golang to 1.20\n * ci: Update golang ci-lint to v1.51.2\n * build: Update shebang to python3\n * Revert 'dockerfile: Fix typo in go build tags.'\n * Decreasing verbosity level for 'Cannot read vendor id correctly, set empty'\n * dockerfile: Fix typo in go build tags.\n * deps: Move from cloud.google.com/go/compute -> cloud.google.com/go\n * use memory.min for reservation memory instead of high\n * Mark GOPATH as git safe.directory to fix CI build\n * switch to gomodule/redigo from garyburd/redigo\n * update go.mod/sum both in root and cmd/\n * Drop accelerator metrics and nvidia integration\n * Add s390x support for docker image\n * typo in MachineInfo spec for SwapCapacity\n * add support for swap in machine/info\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-2025-103", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_0103-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:0103-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4JTZ2DTLVURMW7SOEALLXE6GW75RG2MM/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:0103-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4JTZ2DTLVURMW7SOEALLXE6GW75RG2MM/", }, { category: "self", summary: "SUSE Bug 1222192", url: "https://bugzilla.suse.com/1222192", }, { category: "self", summary: "SUSE Bug 1239291", url: "https://bugzilla.suse.com/1239291", }, { category: "self", summary: "SUSE CVE CVE-2022-27664 page", url: "https://www.suse.com/security/cve/CVE-2022-27664/", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "Security update for cadvisor", tracking: { current_release_date: "2025-03-24T17:01:45Z", generator: { date: "2025-03-24T17:01:45Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:0103-1", initial_release_date: "2025-03-24T17:01:45Z", revision_history: [ { date: "2025-03-24T17:01:45Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cadvisor-0.52.1-bp156.3.3.1.aarch64", product: { name: "cadvisor-0.52.1-bp156.3.3.1.aarch64", product_id: "cadvisor-0.52.1-bp156.3.3.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "cadvisor-0.52.1-bp156.3.3.1.i586", product: { name: "cadvisor-0.52.1-bp156.3.3.1.i586", product_id: "cadvisor-0.52.1-bp156.3.3.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "cadvisor-0.52.1-bp156.3.3.1.ppc64le", product: { name: "cadvisor-0.52.1-bp156.3.3.1.ppc64le", product_id: "cadvisor-0.52.1-bp156.3.3.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cadvisor-0.52.1-bp156.3.3.1.s390x", product: { name: "cadvisor-0.52.1-bp156.3.3.1.s390x", product_id: "cadvisor-0.52.1-bp156.3.3.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cadvisor-0.52.1-bp156.3.3.1.x86_64", product: { name: "cadvisor-0.52.1-bp156.3.3.1.x86_64", product_id: "cadvisor-0.52.1-bp156.3.3.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Package Hub 15 SP6", product: { name: "SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6", }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.aarch64 as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.aarch64", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.aarch64", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.i586 as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.i586", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.i586", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.ppc64le as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.ppc64le", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.s390x as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.s390x", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.s390x", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.x86_64 as component of SUSE Package Hub 15 SP6", product_id: "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.x86_64", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.x86_64", relates_to_product_reference: "SUSE Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.aarch64", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.i586 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.i586", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.i586", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.s390x", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-bp156.3.3.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.x86_64", }, product_reference: "cadvisor-0.52.1-bp156.3.3.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2022-27664", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-27664", }, ], notes: [ { category: "general", text: "In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.i586", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.s390x", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.x86_64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.i586", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.s390x", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-27664", url: "https://www.suse.com/security/cve/CVE-2022-27664", }, { category: "external", summary: "SUSE Bug 1203185 for CVE-2022-27664", url: "https://bugzilla.suse.com/1203185", }, { category: "external", summary: "SUSE Bug 1203293 for CVE-2022-27664", url: "https://bugzilla.suse.com/1203293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.i586", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.s390x", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.x86_64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.i586", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.s390x", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.i586", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.s390x", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.x86_64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.i586", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.s390x", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-24T17:01:45Z", details: "important", }, ], title: "CVE-2022-27664", }, { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.i586", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.s390x", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.x86_64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.i586", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.s390x", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.i586", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.s390x", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.x86_64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.i586", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.s390x", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.i586", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.s390x", "SUSE Package Hub 15 SP6:cadvisor-0.52.1-bp156.3.3.1.x86_64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.aarch64", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.i586", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.ppc64le", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.s390x", "openSUSE Leap 15.6:cadvisor-0.52.1-bp156.3.3.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-24T17:01:45Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
opensuse-su-2025:14843-1
Vulnerability from csaf_opensuse
Published
2025-02-27 00:00
Modified
2025-02-27 00:00
Summary
govulncheck-vulndb-0.0.20250226T025151-1.1 on GA media
Notes
Title of the patch
govulncheck-vulndb-0.0.20250226T025151-1.1 on GA media
Description of the patch
These are all security issues fixed in the govulncheck-vulndb-0.0.20250226T025151-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14843
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "govulncheck-vulndb-0.0.20250226T025151-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the govulncheck-vulndb-0.0.20250226T025151-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14843", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14843-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14843-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CKYE7I5OJNC37LL7255HIGX5ALO2LO5S/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14843-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CKYE7I5OJNC37LL7255HIGX5ALO2LO5S/", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, { category: "self", summary: "SUSE CVE CVE-2025-22869 page", url: "https://www.suse.com/security/cve/CVE-2025-22869/", }, ], title: "govulncheck-vulndb-0.0.20250226T025151-1.1 on GA media", tracking: { current_release_date: "2025-02-27T00:00:00Z", generator: { date: "2025-02-27T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14843-1", initial_release_date: "2025-02-27T00:00:00Z", revision_history: [ { date: "2025-02-27T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", product: { name: "govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", product_id: "govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", product: { name: "govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", product_id: "govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", product: { name: "govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", product_id: "govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", product: { name: "govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", product_id: "govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", }, product_reference: "govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", }, product_reference: "govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "govulncheck-vulndb-0.0.20250226T025151-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", }, product_reference: "govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", }, product_reference: "govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-02-27T00:00:00Z", details: "important", }, ], title: "CVE-2025-22868", }, { cve: "CVE-2025-22869", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22869", }, ], notes: [ { category: "general", text: "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22869", url: "https://www.suse.com/security/cve/CVE-2025-22869", }, { category: "external", summary: "SUSE Bug 1239322 for CVE-2025-22869", url: "https://bugzilla.suse.com/1239322", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250226T025151-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-02-27T00:00:00Z", details: "important", }, ], title: "CVE-2025-22869", }, ], }
opensuse-su-2025:14874-1
Vulnerability from csaf_opensuse
Published
2025-03-11 00:00
Modified
2025-03-11 00:00
Summary
restic-0.17.3-2.1 on GA media
Notes
Title of the patch
restic-0.17.3-2.1 on GA media
Description of the patch
These are all security issues fixed in the restic-0.17.3-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14874
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "restic-0.17.3-2.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the restic-0.17.3-2.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14874", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14874-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2025:14874-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3KAY6CKW45XK546N3GCKSKWNPBQG7GUO/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2025:14874-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3KAY6CKW45XK546N3GCKSKWNPBQG7GUO/", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "restic-0.17.3-2.1 on GA media", tracking: { current_release_date: "2025-03-11T00:00:00Z", generator: { date: "2025-03-11T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14874-1", initial_release_date: "2025-03-11T00:00:00Z", revision_history: [ { date: "2025-03-11T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "restic-0.17.3-2.1.aarch64", product: { name: "restic-0.17.3-2.1.aarch64", product_id: "restic-0.17.3-2.1.aarch64", }, }, { category: "product_version", name: "restic-bash-completion-0.17.3-2.1.aarch64", product: { name: "restic-bash-completion-0.17.3-2.1.aarch64", product_id: "restic-bash-completion-0.17.3-2.1.aarch64", }, }, { category: "product_version", name: "restic-zsh-completion-0.17.3-2.1.aarch64", product: { name: "restic-zsh-completion-0.17.3-2.1.aarch64", product_id: "restic-zsh-completion-0.17.3-2.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "restic-0.17.3-2.1.ppc64le", product: { name: "restic-0.17.3-2.1.ppc64le", product_id: "restic-0.17.3-2.1.ppc64le", }, }, { category: "product_version", name: "restic-bash-completion-0.17.3-2.1.ppc64le", product: { name: "restic-bash-completion-0.17.3-2.1.ppc64le", product_id: "restic-bash-completion-0.17.3-2.1.ppc64le", }, }, { category: "product_version", name: "restic-zsh-completion-0.17.3-2.1.ppc64le", product: { name: "restic-zsh-completion-0.17.3-2.1.ppc64le", product_id: "restic-zsh-completion-0.17.3-2.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "restic-0.17.3-2.1.s390x", product: { name: "restic-0.17.3-2.1.s390x", product_id: "restic-0.17.3-2.1.s390x", }, }, { category: "product_version", name: "restic-bash-completion-0.17.3-2.1.s390x", product: { name: "restic-bash-completion-0.17.3-2.1.s390x", product_id: "restic-bash-completion-0.17.3-2.1.s390x", }, }, { category: "product_version", name: "restic-zsh-completion-0.17.3-2.1.s390x", product: { name: "restic-zsh-completion-0.17.3-2.1.s390x", product_id: "restic-zsh-completion-0.17.3-2.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "restic-0.17.3-2.1.x86_64", product: { name: "restic-0.17.3-2.1.x86_64", product_id: "restic-0.17.3-2.1.x86_64", }, }, { category: "product_version", name: "restic-bash-completion-0.17.3-2.1.x86_64", product: { name: "restic-bash-completion-0.17.3-2.1.x86_64", product_id: "restic-bash-completion-0.17.3-2.1.x86_64", }, }, { category: "product_version", name: "restic-zsh-completion-0.17.3-2.1.x86_64", product: { name: "restic-zsh-completion-0.17.3-2.1.x86_64", product_id: "restic-zsh-completion-0.17.3-2.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "restic-0.17.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-0.17.3-2.1.aarch64", }, product_reference: "restic-0.17.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-0.17.3-2.1.ppc64le", }, product_reference: "restic-0.17.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-0.17.3-2.1.s390x", }, product_reference: "restic-0.17.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-0.17.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-0.17.3-2.1.x86_64", }, product_reference: "restic-0.17.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-bash-completion-0.17.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.aarch64", }, product_reference: "restic-bash-completion-0.17.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-bash-completion-0.17.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.ppc64le", }, product_reference: "restic-bash-completion-0.17.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-bash-completion-0.17.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.s390x", }, product_reference: "restic-bash-completion-0.17.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-bash-completion-0.17.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.x86_64", }, product_reference: "restic-bash-completion-0.17.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-zsh-completion-0.17.3-2.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.aarch64", }, product_reference: "restic-zsh-completion-0.17.3-2.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-zsh-completion-0.17.3-2.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.ppc64le", }, product_reference: "restic-zsh-completion-0.17.3-2.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-zsh-completion-0.17.3-2.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.s390x", }, product_reference: "restic-zsh-completion-0.17.3-2.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "restic-zsh-completion-0.17.3-2.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.x86_64", }, product_reference: "restic-zsh-completion-0.17.3-2.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:restic-0.17.3-2.1.aarch64", "openSUSE Tumbleweed:restic-0.17.3-2.1.ppc64le", "openSUSE Tumbleweed:restic-0.17.3-2.1.s390x", "openSUSE Tumbleweed:restic-0.17.3-2.1.x86_64", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.aarch64", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.ppc64le", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.s390x", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.x86_64", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.aarch64", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.ppc64le", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.s390x", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:restic-0.17.3-2.1.aarch64", "openSUSE Tumbleweed:restic-0.17.3-2.1.ppc64le", "openSUSE Tumbleweed:restic-0.17.3-2.1.s390x", "openSUSE Tumbleweed:restic-0.17.3-2.1.x86_64", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.aarch64", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.ppc64le", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.s390x", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.x86_64", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.aarch64", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.ppc64le", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.s390x", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:restic-0.17.3-2.1.aarch64", "openSUSE Tumbleweed:restic-0.17.3-2.1.ppc64le", "openSUSE Tumbleweed:restic-0.17.3-2.1.s390x", "openSUSE Tumbleweed:restic-0.17.3-2.1.x86_64", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.aarch64", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.ppc64le", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.s390x", "openSUSE Tumbleweed:restic-bash-completion-0.17.3-2.1.x86_64", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.aarch64", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.ppc64le", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.s390x", "openSUSE Tumbleweed:restic-zsh-completion-0.17.3-2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-11T00:00:00Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
opensuse-su-2025:14904-1
Vulnerability from csaf_opensuse
Published
2025-03-18 00:00
Modified
2025-03-18 00:00
Summary
cadvisor-0.52.1-1.1 on GA media
Notes
Title of the patch
cadvisor-0.52.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the cadvisor-0.52.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-14904
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "cadvisor-0.52.1-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the cadvisor-0.52.1-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14904", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14904-1.json", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "cadvisor-0.52.1-1.1 on GA media", tracking: { current_release_date: "2025-03-18T00:00:00Z", generator: { date: "2025-03-18T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14904-1", initial_release_date: "2025-03-18T00:00:00Z", revision_history: [ { date: "2025-03-18T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cadvisor-0.52.1-1.1.aarch64", product: { name: "cadvisor-0.52.1-1.1.aarch64", product_id: "cadvisor-0.52.1-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "cadvisor-0.52.1-1.1.ppc64le", product: { name: "cadvisor-0.52.1-1.1.ppc64le", product_id: "cadvisor-0.52.1-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cadvisor-0.52.1-1.1.s390x", product: { name: "cadvisor-0.52.1-1.1.s390x", product_id: "cadvisor-0.52.1-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cadvisor-0.52.1-1.1.x86_64", product: { name: "cadvisor-0.52.1-1.1.x86_64", product_id: "cadvisor-0.52.1-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.aarch64", }, product_reference: "cadvisor-0.52.1-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.ppc64le", }, product_reference: "cadvisor-0.52.1-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.s390x", }, product_reference: "cadvisor-0.52.1-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "cadvisor-0.52.1-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.x86_64", }, product_reference: "cadvisor-0.52.1-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.aarch64", "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.ppc64le", "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.s390x", "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.aarch64", "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.ppc64le", "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.s390x", "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.aarch64", "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.ppc64le", "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.s390x", "openSUSE Tumbleweed:cadvisor-0.52.1-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-18T00:00:00Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
suse-su-2025:0852-1
Vulnerability from csaf_suse
Published
2025-03-13 10:29
Modified
2025-03-13 10:29
Summary
Security update for google-osconfig-agent
Notes
Title of the patch
Security update for google-osconfig-agent
Description of the patch
This update for google-osconfig-agent fixes the following issues:
- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)
Patchnames
SUSE-2025-852,SUSE-SLE-Module-Public-Cloud-12-2025-852
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for google-osconfig-agent", title: "Title of the patch", }, { category: "description", text: "This update for google-osconfig-agent fixes the following issues:\n\n- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2025-852,SUSE-SLE-Module-Public-Cloud-12-2025-852", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0852-1.json", }, { category: "self", summary: "URL for SUSE-SU-2025:0852-1", url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250852-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2025:0852-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020507.html", }, { category: "self", summary: "SUSE Bug 1239197", url: "https://bugzilla.suse.com/1239197", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "Security update for google-osconfig-agent", tracking: { current_release_date: "2025-03-13T10:29:33Z", generator: { date: "2025-03-13T10:29:33Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2025:0852-1", initial_release_date: "2025-03-13T10:29:33Z", revision_history: [ { date: "2025-03-13T10:29:33Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-1.38.1.aarch64", product: { name: "google-osconfig-agent-20250115.01-1.38.1.aarch64", product_id: "google-osconfig-agent-20250115.01-1.38.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-1.38.1.i586", product: { name: "google-osconfig-agent-20250115.01-1.38.1.i586", product_id: "google-osconfig-agent-20250115.01-1.38.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-1.38.1.ppc64le", product: { name: "google-osconfig-agent-20250115.01-1.38.1.ppc64le", product_id: "google-osconfig-agent-20250115.01-1.38.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-1.38.1.s390x", product: { name: "google-osconfig-agent-20250115.01-1.38.1.s390x", product_id: "google-osconfig-agent-20250115.01-1.38.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-1.38.1.x86_64", product: { name: "google-osconfig-agent-20250115.01-1.38.1.x86_64", product_id: "google-osconfig-agent-20250115.01-1.38.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 12", product: { name: "SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:12", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-1.38.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.aarch64", }, product_reference: "google-osconfig-agent-20250115.01-1.38.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-1.38.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.ppc64le", }, product_reference: "google-osconfig-agent-20250115.01-1.38.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-1.38.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.s390x", }, product_reference: "google-osconfig-agent-20250115.01-1.38.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-1.38.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.x86_64", }, product_reference: "google-osconfig-agent-20250115.01-1.38.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 12:google-osconfig-agent-20250115.01-1.38.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T10:29:33Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
suse-su-2025:0872-1
Vulnerability from csaf_suse
Published
2025-03-14 12:50
Modified
2025-03-14 12:50
Summary
Security update for google-guest-agent
Notes
Title of the patch
Security update for google-guest-agent
Description of the patch
This update for google-guest-agent fixes the following issues:
- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)
Patchnames
SUSE-2025-872,SUSE-SLE-Module-Public-Cloud-12-2025-872
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for google-guest-agent", title: "Title of the patch", }, { category: "description", text: "This update for google-guest-agent fixes the following issues:\n \n- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2025-872,SUSE-SLE-Module-Public-Cloud-12-2025-872", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0872-1.json", }, { category: "self", summary: "URL for SUSE-SU-2025:0872-1", url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250872-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2025:0872-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020520.html", }, { category: "self", summary: "SUSE Bug 1239197", url: "https://bugzilla.suse.com/1239197", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "Security update for google-guest-agent", tracking: { current_release_date: "2025-03-14T12:50:45Z", generator: { date: "2025-03-14T12:50:45Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2025:0872-1", initial_release_date: "2025-03-14T12:50:45Z", revision_history: [ { date: "2025-03-14T12:50:45Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-1.47.2.aarch64", product: { name: "google-guest-agent-20250116.00-1.47.2.aarch64", product_id: "google-guest-agent-20250116.00-1.47.2.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-1.47.2.i586", product: { name: "google-guest-agent-20250116.00-1.47.2.i586", product_id: "google-guest-agent-20250116.00-1.47.2.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-1.47.2.ppc64le", product: { name: "google-guest-agent-20250116.00-1.47.2.ppc64le", product_id: "google-guest-agent-20250116.00-1.47.2.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-1.47.2.s390x", product: { name: "google-guest-agent-20250116.00-1.47.2.s390x", product_id: "google-guest-agent-20250116.00-1.47.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-1.47.2.x86_64", product: { name: "google-guest-agent-20250116.00-1.47.2.x86_64", product_id: "google-guest-agent-20250116.00-1.47.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 12", product: { name: "SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:12", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-1.47.2.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.aarch64", }, product_reference: "google-guest-agent-20250116.00-1.47.2.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-1.47.2.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.ppc64le", }, product_reference: "google-guest-agent-20250116.00-1.47.2.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-1.47.2.s390x as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.s390x", }, product_reference: "google-guest-agent-20250116.00-1.47.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-1.47.2.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.x86_64", }, product_reference: "google-guest-agent-20250116.00-1.47.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.aarch64", "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.s390x", "SUSE Linux Enterprise Module for Public Cloud 12:google-guest-agent-20250116.00-1.47.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-14T12:50:45Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
suse-su-2025:0881-1
Vulnerability from csaf_suse
Published
2025-03-17 11:24
Modified
2025-03-17 11:24
Summary
Security update for google-cloud-sap-agent
Notes
Title of the patch
Security update for google-cloud-sap-agent
Description of the patch
This update for google-cloud-sap-agent fixes the following issues:
- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)
Patchnames
SUSE-2025-881,SUSE-SLE-Module-Public-Cloud-12-2025-881
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for google-cloud-sap-agent", title: "Title of the patch", }, { category: "description", text: "This update for google-cloud-sap-agent fixes the following issues:\n\n- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197) \n", title: "Description of the patch", }, { category: "details", text: "SUSE-2025-881,SUSE-SLE-Module-Public-Cloud-12-2025-881", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0881-1.json", }, { category: "self", summary: "URL for SUSE-SU-2025:0881-1", url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250881-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2025:0881-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020524.html", }, { category: "self", summary: "SUSE Bug 1239197", url: "https://bugzilla.suse.com/1239197", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "Security update for google-cloud-sap-agent", tracking: { current_release_date: "2025-03-17T11:24:54Z", generator: { date: "2025-03-17T11:24:54Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2025:0881-1", initial_release_date: "2025-03-17T11:24:54Z", revision_history: [ { date: "2025-03-17T11:24:54Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-6.43.1.aarch64", product: { name: "google-cloud-sap-agent-3.6-6.43.1.aarch64", product_id: "google-cloud-sap-agent-3.6-6.43.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-6.43.1.i586", product: { name: "google-cloud-sap-agent-3.6-6.43.1.i586", product_id: "google-cloud-sap-agent-3.6-6.43.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-6.43.1.ppc64le", product: { name: "google-cloud-sap-agent-3.6-6.43.1.ppc64le", product_id: "google-cloud-sap-agent-3.6-6.43.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-6.43.1.s390x", product: { name: "google-cloud-sap-agent-3.6-6.43.1.s390x", product_id: "google-cloud-sap-agent-3.6-6.43.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-6.43.1.x86_64", product: { name: "google-cloud-sap-agent-3.6-6.43.1.x86_64", product_id: "google-cloud-sap-agent-3.6-6.43.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 12", product: { name: "SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:12", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-6.43.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.aarch64", }, product_reference: "google-cloud-sap-agent-3.6-6.43.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-6.43.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.ppc64le", }, product_reference: "google-cloud-sap-agent-3.6-6.43.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-6.43.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.s390x", }, product_reference: "google-cloud-sap-agent-3.6-6.43.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-6.43.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12", product_id: "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.x86_64", }, product_reference: "google-cloud-sap-agent-3.6-6.43.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 12:google-cloud-sap-agent-3.6-6.43.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-17T11:24:54Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
suse-su-2025:0882-1
Vulnerability from csaf_suse
Published
2025-03-17 11:25
Modified
2025-03-17 11:25
Summary
Security update for google-cloud-sap-agent
Notes
Title of the patch
Security update for google-cloud-sap-agent
Description of the patch
This update for google-cloud-sap-agent fixes the following issues:
- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)
Patchnames
SUSE-2025-882,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-882,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-882,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-882,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-882,openSUSE-SLE-15.6-2025-882
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for google-cloud-sap-agent", title: "Title of the patch", }, { category: "description", text: "This update for google-cloud-sap-agent fixes the following issues:\n\n- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2025-882,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-882,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-882,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-882,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-882,openSUSE-SLE-15.6-2025-882", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0882-1.json", }, { category: "self", summary: "URL for SUSE-SU-2025:0882-1", url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250882-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2025:0882-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020523.html", }, { category: "self", summary: "SUSE Bug 1239197", url: "https://bugzilla.suse.com/1239197", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "Security update for google-cloud-sap-agent", tracking: { current_release_date: "2025-03-17T11:25:55Z", generator: { date: "2025-03-17T11:25:55Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2025:0882-1", initial_release_date: "2025-03-17T11:25:55Z", revision_history: [ { date: "2025-03-17T11:25:55Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", product: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", product_id: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-150100.3.44.1.i586", product: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.i586", product_id: "google-cloud-sap-agent-3.6-150100.3.44.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", product: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", product_id: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x", product: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x", product_id: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", product: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", product_id: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp6", }, }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", }, product_reference: "google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.aarch64", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.ppc64le", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.s390x", "openSUSE Leap 15.6:google-cloud-sap-agent-3.6-150100.3.44.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-17T11:25:55Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
suse-su-2025:0770-1
Vulnerability from csaf_suse
Published
2025-03-03 13:41
Modified
2025-03-03 13:41
Summary
Security update for govulncheck-vulndb
Notes
Title of the patch
Security update for govulncheck-vulndb
Description of the patch
This update for govulncheck-vulndb fixes the following issues:
- Update to version 0.0.20250226T025151 2025-02-26T02:51:51Z.
(jsc#PED-11136)
* GO-2025-3487 CVE-2025-22869
* GO-2025-3488 CVE-2025-22868
- Update to version 0.0.20250218T203201 2025-02-18T20:32:01Z.
(jsc#PED-11136)
* GO-2024-3321 CVE-2024-45337 GHSA-v778-237x-gjrc
Patchnames
SUSE-2025-770,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-770,openSUSE-SLE-15.6-2025-770
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for govulncheck-vulndb", title: "Title of the patch", }, { category: "description", text: "This update for govulncheck-vulndb fixes the following issues:\n\n- Update to version 0.0.20250226T025151 2025-02-26T02:51:51Z.\n (jsc#PED-11136)\n\n * GO-2025-3487 CVE-2025-22869\n * GO-2025-3488 CVE-2025-22868\n\n- Update to version 0.0.20250218T203201 2025-02-18T20:32:01Z.\n (jsc#PED-11136)\n\n * GO-2024-3321 CVE-2024-45337 GHSA-v778-237x-gjrc\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2025-770,SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-770,openSUSE-SLE-15.6-2025-770", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0770-1.json", }, { category: "self", summary: "URL for SUSE-SU-2025:0770-1", url: "https://www.suse.com/support/update/announcement/2025/suse-su-20250770-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2025:0770-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020477.html", }, { category: "self", summary: "SUSE CVE CVE-2024-45337 page", url: "https://www.suse.com/security/cve/CVE-2024-45337/", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, { category: "self", summary: "SUSE CVE CVE-2025-22869 page", url: "https://www.suse.com/security/cve/CVE-2025-22869/", }, ], title: "Security update for govulncheck-vulndb", tracking: { current_release_date: "2025-03-03T13:41:31Z", generator: { date: "2025-03-03T13:41:31Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2025:0770-1", initial_release_date: "2025-03-03T13:41:31Z", revision_history: [ { date: "2025-03-03T13:41:31Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", product: { name: "govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", product_id: "govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Package Hub 15 SP6", product: { name: "SUSE Linux Enterprise Module for Package Hub 15 SP6", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:packagehub:15:sp6", }, }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch as component of SUSE Linux Enterprise Module for Package Hub 15 SP6", product_id: "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", }, product_reference: "govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Package Hub 15 SP6", }, { category: "default_component_of", full_product_name: { name: "govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", }, product_reference: "govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2024-45337", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-45337", }, ], notes: [ { category: "general", text: "Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that \"A call to this function does not guarantee that the key offered is in fact used to authenticate.\" Specifically, the SSH protocol allows clients to inquire about whether a public key is acceptable before proving control of the corresponding private key. PublicKeyCallback may be called with multiple keys, and the order in which the keys were provided cannot be used to infer which key the client successfully authenticated with, if any. Some applications, which store the key(s) passed to PublicKeyCallback (or derived information) and make security relevant determinations based on it once the connection is established, may make incorrect assumptions. For example, an attacker may send public keys A and B, and then authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B for which the attacker does not actually control the private key. Since this API is widely misused, as a partial mitigation golang.org/x/cry...@v0.31.0 enforces the property that, when successfully authenticating via public key, the last key passed to ServerConfig.PublicKeyCallback will be the key used to authenticate the connection. PublicKeyCallback will now be called multiple times with the same key, if necessary. Note that the client may still not control the last key passed to PublicKeyCallback if the connection is then authenticated with a different method, such as PasswordCallback, KeyboardInteractiveCallback, or NoClientAuth. Users should be using the Extensions field of the Permissions return value from the various authentication callbacks to record data associated with the authentication attempt instead of referencing external state. Once the connection is established the state corresponding to the successful authentication attempt can be retrieved via the ServerConn.Permissions field. Note that some third-party libraries misuse the Permissions type by sharing it across authentication attempts; users of third-party libraries should refer to the relevant projects for guidance.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2024-45337", url: "https://www.suse.com/security/cve/CVE-2024-45337", }, { category: "external", summary: "SUSE Bug 1234482 for CVE-2024-45337", url: "https://bugzilla.suse.com/1234482", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 8.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", ], }, ], threats: [ { category: "impact", date: "2025-03-03T13:41:31Z", details: "important", }, ], title: "CVE-2024-45337", }, { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", ], }, ], threats: [ { category: "impact", date: "2025-03-03T13:41:31Z", details: "important", }, ], title: "CVE-2025-22868", }, { cve: "CVE-2025-22869", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22869", }, ], notes: [ { category: "general", text: "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", ], }, references: [ { category: "external", summary: "CVE-2025-22869", url: "https://www.suse.com/security/cve/CVE-2025-22869", }, { category: "external", summary: "SUSE Bug 1239322 for CVE-2025-22869", url: "https://bugzilla.suse.com/1239322", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Package Hub 15 SP6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", "openSUSE Leap 15.6:govulncheck-vulndb-0.0.20250226T025151-150000.1.35.1.noarch", ], }, ], threats: [ { category: "impact", date: "2025-03-03T13:41:31Z", details: "important", }, ], title: "CVE-2025-22869", }, ], }
suse-su-2025:1006-1
Vulnerability from csaf_suse
Published
2025-03-25 08:44
Modified
2025-03-25 08:44
Summary
Security update for google-osconfig-agent
Notes
Title of the patch
Security update for google-osconfig-agent
Description of the patch
This update for google-osconfig-agent fixes the following issues:
- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)
Patchnames
SUSE-2025-1006,SUSE-SLE-Micro-5.5-2025-1006,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1006,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1006,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1006,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1006,openSUSE-SLE-15.6-2025-1006
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for google-osconfig-agent", title: "Title of the patch", }, { category: "description", text: "This update for google-osconfig-agent fixes the following issues:\n\n- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2025-1006,SUSE-SLE-Micro-5.5-2025-1006,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1006,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1006,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1006,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1006,openSUSE-SLE-15.6-2025-1006", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1006-1.json", }, { category: "self", summary: "URL for SUSE-SU-2025:1006-1", url: "https://www.suse.com/support/update/announcement/2025/suse-su-20251006-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2025:1006-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020592.html", }, { category: "self", summary: "SUSE Bug 1239197", url: "https://bugzilla.suse.com/1239197", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "Security update for google-osconfig-agent", tracking: { current_release_date: "2025-03-25T08:44:10Z", generator: { date: "2025-03-25T08:44:10Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2025:1006-1", initial_release_date: "2025-03-25T08:44:10Z", revision_history: [ { date: "2025-03-25T08:44:10Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", product: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", product_id: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-150000.1.47.1.i586", product: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.i586", product_id: "google-osconfig-agent-20250115.01-150000.1.47.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", product: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", product_id: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x", product: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x", product_id: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", product: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", product_id: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Micro 5.5", product: { name: "SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp6", }, }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", }, product_reference: "google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Micro 5.5:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.aarch64", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.ppc64le", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.s390x", "openSUSE Leap 15.6:google-osconfig-agent-20250115.01-150000.1.47.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-25T08:44:10Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
suse-su-2025:1005-1
Vulnerability from csaf_suse
Published
2025-03-25 08:43
Modified
2025-03-25 08:43
Summary
Security update for google-guest-agent
Notes
Title of the patch
Security update for google-guest-agent
Description of the patch
This update for google-guest-agent fixes the following issues:
- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)
Patchnames
SUSE-2025-1005,SUSE-SLE-Micro-5.5-2025-1005,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1005,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1005,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1005,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1005,openSUSE-SLE-15.6-2025-1005
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for google-guest-agent", title: "Title of the patch", }, { category: "description", text: "This update for google-guest-agent fixes the following issues:\n\n- CVE-2025-22868: golang.org/x/oauth2/jws: Fixed unexpected memory consumption during token parsing (bsc#1239197)\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2025-1005,SUSE-SLE-Micro-5.5-2025-1005,SUSE-SLE-Module-Public-Cloud-15-SP3-2025-1005,SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1005,SUSE-SLE-Module-Public-Cloud-15-SP5-2025-1005,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1005,openSUSE-SLE-15.6-2025-1005", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1005-1.json", }, { category: "self", summary: "URL for SUSE-SU-2025:1005-1", url: "https://www.suse.com/support/update/announcement/2025/suse-su-20251005-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2025:1005-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020593.html", }, { category: "self", summary: "SUSE Bug 1239197", url: "https://bugzilla.suse.com/1239197", }, { category: "self", summary: "SUSE CVE CVE-2025-22868 page", url: "https://www.suse.com/security/cve/CVE-2025-22868/", }, ], title: "Security update for google-guest-agent", tracking: { current_release_date: "2025-03-25T08:43:34Z", generator: { date: "2025-03-25T08:43:34Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2025:1005-1", initial_release_date: "2025-03-25T08:43:34Z", revision_history: [ { date: "2025-03-25T08:43:34Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-150000.1.57.1.aarch64", product: { name: "google-guest-agent-20250116.00-150000.1.57.1.aarch64", product_id: "google-guest-agent-20250116.00-150000.1.57.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-150000.1.57.1.i586", product: { name: "google-guest-agent-20250116.00-150000.1.57.1.i586", product_id: "google-guest-agent-20250116.00-150000.1.57.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le", product: { name: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le", product_id: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-150000.1.57.1.s390x", product: { name: "google-guest-agent-20250116.00-150000.1.57.1.s390x", product_id: "google-guest-agent-20250116.00-150000.1.57.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "google-guest-agent-20250116.00-150000.1.57.1.x86_64", product: { name: "google-guest-agent-20250116.00-150000.1.57.1.x86_64", product_id: "google-guest-agent-20250116.00-150000.1.57.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Micro 5.5", product: { name: "SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5", product_identification_helper: { cpe: "cpe:/o:suse:sle-micro:5.5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp6", }, }, }, { category: "product_name", name: "openSUSE Leap 15.6", product: { name: "openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.6", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.aarch64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.s390x as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.s390x", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5", product_id: "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.x86_64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.5", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.aarch64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.s390x", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.x86_64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.aarch64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.s390x", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.x86_64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP4", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.aarch64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.s390x", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.x86_64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP5", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.aarch64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.s390x", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.x86_64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP6", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.aarch64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.aarch64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.s390x as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.s390x", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.s390x", relates_to_product_reference: "openSUSE Leap 15.6", }, { category: "default_component_of", full_product_name: { name: "google-guest-agent-20250116.00-150000.1.57.1.x86_64 as component of openSUSE Leap 15.6", product_id: "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.x86_64", }, product_reference: "google-guest-agent-20250116.00-150000.1.57.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.6", }, ], }, vulnerabilities: [ { cve: "CVE-2025-22868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22868", }, ], notes: [ { category: "general", text: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.s390x", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22868", url: "https://www.suse.com/security/cve/CVE-2025-22868", }, { category: "external", summary: "SUSE Bug 1239186 for CVE-2025-22868", url: "https://bugzilla.suse.com/1239186", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.s390x", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Micro 5.5:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP4:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP5:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.s390x", "SUSE Linux Enterprise Module for Public Cloud 15 SP6:google-guest-agent-20250116.00-150000.1.57.1.x86_64", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.aarch64", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.ppc64le", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.s390x", "openSUSE Leap 15.6:google-guest-agent-20250116.00-150000.1.57.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-25T08:43:34Z", details: "important", }, ], title: "CVE-2025-22868", }, ], }
fkie_cve-2025-22868
Vulnerability from fkie_nvd
Published
2025-02-26 08:14
Modified
2025-02-26 15:15
Severity ?
Summary
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.
References
Impacted products
| Vendor | Product | Version |
|---|
{ cveTags: [], descriptions: [ { lang: "en", value: "An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.", }, { lang: "es", value: "Un atacante puede pasar un token malintencionado que provoque un consumo inesperado de memoria durante el análisis.", }, ], id: "CVE-2025-22868", lastModified: "2025-02-26T15:15:24.993", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2025-02-26T08:14:24.897", references: [ { source: "security@golang.org", url: "https://go.dev/cl/652155", }, { source: "security@golang.org", url: "https://go.dev/issue/71490", }, { source: "security@golang.org", url: "https://pkg.go.dev/vuln/GO-2025-3488", }, ], sourceIdentifier: "security@golang.org", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-1286", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.